Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all):
- dependency-check version: 12.1.6
- Report Generated On: Sat, 4 Oct 2025 12:52:52 -0400
- Dependencies Scanned: 8 (8 unique)
- Vulnerable Dependencies: 0
- Vulnerabilities Found: 0
- Vulnerabilities Suppressed: 0
- ...
- NVD API Last Checked: 2025-10-04T12:52:44-04
- NVD API Last Modified: 2025-10-04T16:15:58Z
Summary
Summary of Vulnerable Dependencies (click to show all)
checker-qual-3.51.1.jar
Description:
checker-qual contains annotations (type qualifiers) that a programmerwrites to specify Java code for type-checking by the Checker Framework.
License:
The MIT License: http://opensource.org/licenses/MIT
File Path: C:\Users\Jeremy\.m2\repository\org\checkerframework\checker-qual\3.51.1\checker-qual-3.51.1.jar
MD5: 1b247ba89d3b8776fa6223324b934f56
SHA1: d69c339a293b5ec04b26c9d994cbeffb7056d122
SHA256:153aeffe56ca24f3a9b8b6c6ff813eace9620ccf35adfab91d491682e56cd5ce
Referenced In Project/Scope: base-parent:compile
checker-qual-3.51.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/base-parent@55
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | checker-qual | High |
| Vendor | jar | package name | checker | Highest |
| Vendor | jar | package name | checkerframework | Highest |
| Vendor | jar | package name | framework | Highest |
| Vendor | jar | package name | qual | Highest |
| Vendor | Manifest | bundle-symbolicname | checker-qual | Medium |
| Vendor | Manifest | implementation-url | https://checkerframework.org | Low |
| Vendor | pom | artifactid | checker-qual | Highest |
| Vendor | pom | artifactid | checker-qual | Low |
| Vendor | pom | developer email | mernst@cs.washington.edu | Low |
| Vendor | pom | developer email | smillst@cs.washington.edu | Low |
| Vendor | pom | developer id | mernst | Medium |
| Vendor | pom | developer id | smillst | Medium |
| Vendor | pom | developer name | Michael Ernst | Medium |
| Vendor | pom | developer name | Suzanne Millstein | Medium |
| Vendor | pom | developer org | University of Washington | Medium |
| Vendor | pom | developer org URL | https://www.cs.washington.edu/ | Medium |
| Vendor | pom | groupid | org.checkerframework | Highest |
| Vendor | pom | name | Checker Qual | High |
| Vendor | pom | url | https://checkerframework.org/ | Highest |
| Product | file | name | checker-qual | High |
| Product | jar | package name | checker | Highest |
| Product | jar | package name | checkerframework | Highest |
| Product | jar | package name | framework | Highest |
| Product | jar | package name | qual | Highest |
| Product | Manifest | Bundle-Name | checker-qual | Medium |
| Product | Manifest | bundle-symbolicname | checker-qual | Medium |
| Product | Manifest | implementation-url | https://checkerframework.org | Low |
| Product | pom | artifactid | checker-qual | Highest |
| Product | pom | developer email | mernst@cs.washington.edu | Low |
| Product | pom | developer email | smillst@cs.washington.edu | Low |
| Product | pom | developer id | mernst | Low |
| Product | pom | developer id | smillst | Low |
| Product | pom | developer name | Michael Ernst | Low |
| Product | pom | developer name | Suzanne Millstein | Low |
| Product | pom | developer org | University of Washington | Low |
| Product | pom | developer org URL | https://www.cs.washington.edu/ | Low |
| Product | pom | groupid | org.checkerframework | Highest |
| Product | pom | name | Checker Qual | High |
| Product | pom | url | https://checkerframework.org/ | Medium |
| Version | file | version | 3.51.1 | High |
| Version | Manifest | Bundle-Version | 3.51.1 | High |
| Version | Manifest | Implementation-Version | 3.51.1 | High |
| Version | pom | version | 3.51.1 | Highest |
- pkg:maven/org.checkerframework/checker-qual@3.51.1 (Confidence:High)
error_prone_annotations-2.42.0.jar
Description:
Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time.
License:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\errorprone\error_prone_annotations\2.42.0\error_prone_annotations-2.42.0.jar
MD5: 27a54b790cf5121be1982b585870154d
SHA1: 57a3eddaddd4f2d412e13d3bcefba29b5ebda1b6
SHA256:f282a6488838986b8033bd51888928cff6a59c1050426476553ed2622b89e510
Referenced In Project/Scope: base-parent:provided
error_prone_annotations-2.42.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/base-parent@55
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | error_prone_annotations | High |
| Vendor | jar | package name | annotations | Highest |
| Vendor | jar | package name | errorprone | Highest |
| Vendor | jar | package name | google | Highest |
| Vendor | Manifest | build-jdk-spec | 17 | Low |
| Vendor | Manifest | bundle-docurl | https://errorprone.info/error_prone_annotations | Low |
| Vendor | Manifest | bundle-symbolicname | com.google.errorprone.annotations | Medium |
| Vendor | Manifest | multi-release | true | Low |
| Vendor | pom | artifactid | error_prone_annotations | Highest |
| Vendor | pom | artifactid | error_prone_annotations | Low |
| Vendor | pom | groupid | com.google.errorprone | Highest |
| Vendor | pom | name | error-prone annotations | High |
| Vendor | pom | parent-artifactid | error_prone_parent | Low |
| Product | file | name | error_prone_annotations | High |
| Product | jar | package name | annotations | Highest |
| Product | jar | package name | errorprone | Highest |
| Product | jar | package name | google | Highest |
| Product | Manifest | build-jdk-spec | 17 | Low |
| Product | Manifest | bundle-docurl | https://errorprone.info/error_prone_annotations | Low |
| Product | Manifest | Bundle-Name | error-prone annotations | Medium |
| Product | Manifest | bundle-symbolicname | com.google.errorprone.annotations | Medium |
| Product | Manifest | multi-release | true | Low |
| Product | pom | artifactid | error_prone_annotations | Highest |
| Product | pom | groupid | com.google.errorprone | Highest |
| Product | pom | name | error-prone annotations | High |
| Product | pom | parent-artifactid | error_prone_parent | Medium |
| Version | file | version | 2.42.0 | High |
| Version | Manifest | Bundle-Version | 2.42.0 | High |
| Version | pom | version | 2.42.0 | Highest |
- pkg:maven/com.google.errorprone/error_prone_annotations@2.42.0 (Confidence:High)
j2objc-annotations-3.1.jar
Description:
A set of annotations that provide additional information to the J2ObjC
translator to modify the result of translation.
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\j2objc\j2objc-annotations\3.1\j2objc-annotations-3.1.jar
MD5: abe8bd3abff622b9a8b15c3a737aa741
SHA1: a892ca9507839bbdb900d64310ac98256cab992f
SHA256:84d3a150518485f8140ea99b8a985656749629f6433c92b80c75b36aba3b099b
Referenced In Project/Scope: base-parent:provided
j2objc-annotations-3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/base-parent@55
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | j2objc-annotations | High |
| Vendor | jar | package name | annotations | Highest |
| Vendor | jar | package name | google | Highest |
| Vendor | jar | package name | j2objc | Highest |
| Vendor | Manifest | build-jdk-spec | 22 | Low |
| Vendor | Manifest | multi-release | true | Low |
| Vendor | pom | artifactid | j2objc-annotations | Highest |
| Vendor | pom | artifactid | j2objc-annotations | Low |
| Vendor | pom | developer email | tball@google.com | Low |
| Vendor | pom | developer id | tomball | Medium |
| Vendor | pom | developer name | Tom Ball | Medium |
| Vendor | pom | developer org | Google | Medium |
| Vendor | pom | developer org URL | https://www.google.com | Medium |
| Vendor | pom | groupid | com.google.j2objc | Highest |
| Vendor | pom | name | J2ObjC Annotations | High |
| Vendor | pom | url | google/j2objc/ | Highest |
| Product | file | name | j2objc-annotations | High |
| Product | jar | package name | annotations | Highest |
| Product | jar | package name | google | Highest |
| Product | jar | package name | j2objc | Highest |
| Product | Manifest | build-jdk-spec | 22 | Low |
| Product | Manifest | multi-release | true | Low |
| Product | pom | artifactid | j2objc-annotations | Highest |
| Product | pom | developer email | tball@google.com | Low |
| Product | pom | developer id | tomball | Low |
| Product | pom | developer name | Tom Ball | Low |
| Product | pom | developer org | Google | Low |
| Product | pom | developer org URL | https://www.google.com | Low |
| Product | pom | groupid | com.google.j2objc | Highest |
| Product | pom | name | J2ObjC Annotations | High |
| Product | pom | url | google/j2objc/ | High |
| Version | file | version | 3.1 | High |
| Version | pom | version | 3.1 | Highest |
- pkg:maven/com.google.j2objc/j2objc-annotations@3.1 (Confidence:High)
jsr305-3.0.2.jar
Description:
JSR305 Annotations for Findbugs
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\code\findbugs\jsr305\3.0.2\jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope: base-parent:provided
jsr305-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.6
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | jsr305 | High |
| Vendor | Manifest | bundle-symbolicname | org.jsr-305 | Medium |
| Vendor | pom | artifactid | jsr305 | Highest |
| Vendor | pom | artifactid | jsr305 | Low |
| Vendor | pom | groupid | com.google.code.findbugs | Highest |
| Vendor | pom | name | FindBugs-jsr305 | High |
| Vendor | pom | url | http://findbugs.sourceforge.net/ | Highest |
| Product | file | name | jsr305 | High |
| Product | Manifest | Bundle-Name | FindBugs-jsr305 | Medium |
| Product | Manifest | bundle-symbolicname | org.jsr-305 | Medium |
| Product | pom | artifactid | jsr305 | Highest |
| Product | pom | groupid | com.google.code.findbugs | Highest |
| Product | pom | name | FindBugs-jsr305 | High |
| Product | pom | url | http://findbugs.sourceforge.net/ | Medium |
| Version | file | version | 3.0.2 | High |
| Version | Manifest | Bundle-Version | 3.0.2 | High |
| Version | pom | version | 3.0.2 | Highest |
- pkg:maven/com.google.code.findbugs/jsr305@3.0.2 (Confidence:High)
lombok-1.18.42.jar: mavenEcjBootstrapAgent.jar
File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.42\lombok-1.18.42.jar\lombok\launch\mavenEcjBootstrapAgent.jar
MD5: 885d5d6be90a5dcd4b82cdf741e3f31a
SHA1: e1f7f1779f40157fd0b984c1bc32a0cb45cae66e
SHA256:74a80a6ee84e5c6fe497dfcc46a46dbe30578525e747eb531e918ee0750c8da9
Referenced In Project/Scope: base-parent:provided
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | mavenEcjBootstrapAgent | High |
| Vendor | jar | package name | launch | Low |
| Vendor | jar | package name | lombok | Low |
| Vendor | Manifest | can-redefine-classes | true | Low |
| Product | file | name | mavenEcjBootstrapAgent | High |
| Product | jar | package name | launch | Low |
| Product | Manifest | can-redefine-classes | true | Low |
lombok-1.18.42.jar
Description:
Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!
License:
The MIT License: https://projectlombok.org/LICENSE
File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.42\lombok-1.18.42.jar
MD5: f29149836e0187fb9fd95d82dc718d36
SHA1: 8365263844ebb62398e0dc33057ba10ba472d3b8
SHA256:3488a4e9994c26596baaceebee58cad36a50e3bdaec5be72b5834d3c3b560306
Referenced In Project/Scope: base-parent:provided
lombok-1.18.42.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/base-parent@55
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | lombok | High |
| Vendor | jar | package name | java | Highest |
| Vendor | jar | package name | lombok | Highest |
| Vendor | jar | package name | tostring | Highest |
| Vendor | Manifest | automatic-module-name | lombok | Medium |
| Vendor | Manifest | can-redefine-classes | true | Low |
| Vendor | pom | artifactid | lombok | Highest |
| Vendor | pom | artifactid | lombok | Low |
| Vendor | pom | developer email | reinier@projectlombok.org | Low |
| Vendor | pom | developer email | roel@projectlombok.org | Low |
| Vendor | pom | developer id | rspilker | Medium |
| Vendor | pom | developer id | rzwitserloot | Medium |
| Vendor | pom | developer name | Reinier Zwitserloot | Medium |
| Vendor | pom | developer name | Roel Spilker | Medium |
| Vendor | pom | groupid | org.projectlombok | Highest |
| Vendor | pom | name | Project Lombok | High |
| Vendor | pom | url | https://projectlombok.org | Highest |
| Product | file | name | lombok | High |
| Product | jar | package name | java | Highest |
| Product | jar | package name | lombok | Highest |
| Product | jar | package name | tostring | Highest |
| Product | Manifest | automatic-module-name | lombok | Medium |
| Product | Manifest | can-redefine-classes | true | Low |
| Product | pom | artifactid | lombok | Highest |
| Product | pom | developer email | reinier@projectlombok.org | Low |
| Product | pom | developer email | roel@projectlombok.org | Low |
| Product | pom | developer id | rspilker | Low |
| Product | pom | developer id | rzwitserloot | Low |
| Product | pom | developer name | Reinier Zwitserloot | Low |
| Product | pom | developer name | Roel Spilker | Low |
| Product | pom | groupid | org.projectlombok | Highest |
| Product | pom | name | Project Lombok | High |
| Product | pom | url | https://projectlombok.org | Medium |
| Version | file | version | 1.18.42 | High |
| Version | Manifest | lombok-version | 1.18.42 | Medium |
| Version | pom | version | 1.18.42 | Highest |
- pkg:maven/org.projectlombok/lombok@1.18.42 (Confidence:High)
modernizer-maven-annotations-3.2.0.jar
File Path: C:\Users\Jeremy\.m2\repository\org\gaul\modernizer-maven-annotations\3.2.0\modernizer-maven-annotations-3.2.0.jar
MD5: 127396b14eb51fd93eb587308f079768
SHA1: 23a99089ff682152e86ab1691a8232db325def09
SHA256:9f9396f361f0d45d435355c1f2b57980307abd81f3131083ec18f54fbbaa5ecb
Referenced In Project/Scope: base-parent:provided
modernizer-maven-annotations-3.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/base-parent@55
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | modernizer-maven-annotations | High |
| Vendor | jar | package name | gaul | Highest |
| Vendor | Manifest | build-jdk-spec | 21 | Low |
| Vendor | Manifest | multi-release | true | Low |
| Vendor | pom | artifactid | modernizer-maven-annotations | Highest |
| Vendor | pom | artifactid | modernizer-maven-annotations | Low |
| Vendor | pom | groupid | org.gaul | Highest |
| Vendor | pom | name | Modernizer Maven Plugin annotations | High |
| Vendor | pom | parent-artifactid | modernizer-maven-parent | Low |
| Product | file | name | modernizer-maven-annotations | High |
| Product | jar | package name | gaul | Highest |
| Product | Manifest | build-jdk-spec | 21 | Low |
| Product | Manifest | multi-release | true | Low |
| Product | pom | artifactid | modernizer-maven-annotations | Highest |
| Product | pom | groupid | org.gaul | Highest |
| Product | pom | name | Modernizer Maven Plugin annotations | High |
| Product | pom | parent-artifactid | modernizer-maven-parent | Medium |
| Version | file | version | 3.2.0 | High |
| Version | pom | version | 3.2.0 | Highest |
- pkg:maven/org.gaul/modernizer-maven-annotations@3.2.0 (Confidence:High)
spotbugs-annotations-4.9.6.jar
Description:
Annotations the SpotBugs tool supports
License:
GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html
File Path: C:\Users\Jeremy\.m2\repository\com\github\spotbugs\spotbugs-annotations\4.9.6\spotbugs-annotations-4.9.6.jar
MD5: afeb53284357009299bf2ac13cf021b2
SHA1: fa9760f5a45bd158dab85aa7e2d954de5d389bbf
SHA256:523d394a6b36174ad0a22f0c1c75b105ccff42869a8b7ce86e7fd339ca6f86ce
Referenced In Project/Scope: base-parent:provided
spotbugs-annotations-4.9.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/base-parent@55
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | spotbugs-annotations | High |
| Vendor | Manifest | automatic-module-name | com.github.spotbugs.annotations | Medium |
| Vendor | Manifest | bundle-requiredexecutionenvironment | JavaSE-1.8 | Low |
| Vendor | Manifest | bundle-symbolicname | spotbugs-annotations | Medium |
| Vendor | pom | artifactid | spotbugs-annotations | Highest |
| Vendor | pom | artifactid | spotbugs-annotations | Low |
| Vendor | pom | developer email | andreas.sewe@codetrails.com | Low |
| Vendor | pom | developer email | dbrosius@mebigfatguy.com | Low |
| Vendor | pom | developer email | loskutov@gmx.de | Low |
| Vendor | pom | developer email | skypencil@gmail.com | Low |
| Vendor | pom | developer id | henrik242 | Medium |
| Vendor | pom | developer id | iloveeclipse | Medium |
| Vendor | pom | developer id | jsotuyod | Medium |
| Vendor | pom | developer id | KengoTODA | Medium |
| Vendor | pom | developer id | mebigfatguy | Medium |
| Vendor | pom | developer id | sewe | Medium |
| Vendor | pom | developer id | ThrawnCA | Medium |
| Vendor | pom | developer name | Andreas Sewe | Medium |
| Vendor | pom | developer name | Andrey Loskutov | Medium |
| Vendor | pom | developer name | Dave Brosius | Medium |
| Vendor | pom | developer name | Juan Martín Sotuyo Dodero | Medium |
| Vendor | pom | developer name | Kengo TODA | Medium |
| Vendor | pom | groupid | com.github.spotbugs | Highest |
| Vendor | pom | name | SpotBugs Annotations | High |
| Vendor | pom | url | https://spotbugs.github.io/ | Highest |
| Product | file | name | spotbugs-annotations | High |
| Product | Manifest | automatic-module-name | com.github.spotbugs.annotations | Medium |
| Product | Manifest | Bundle-Name | spotbugs-annotations | Medium |
| Product | Manifest | bundle-requiredexecutionenvironment | JavaSE-1.8 | Low |
| Product | Manifest | bundle-symbolicname | spotbugs-annotations | Medium |
| Product | pom | artifactid | spotbugs-annotations | Highest |
| Product | pom | developer email | andreas.sewe@codetrails.com | Low |
| Product | pom | developer email | dbrosius@mebigfatguy.com | Low |
| Product | pom | developer email | loskutov@gmx.de | Low |
| Product | pom | developer email | skypencil@gmail.com | Low |
| Product | pom | developer id | henrik242 | Low |
| Product | pom | developer id | iloveeclipse | Low |
| Product | pom | developer id | jsotuyod | Low |
| Product | pom | developer id | KengoTODA | Low |
| Product | pom | developer id | mebigfatguy | Low |
| Product | pom | developer id | sewe | Low |
| Product | pom | developer id | ThrawnCA | Low |
| Product | pom | developer name | Andreas Sewe | Low |
| Product | pom | developer name | Andrey Loskutov | Low |
| Product | pom | developer name | Dave Brosius | Low |
| Product | pom | developer name | Juan Martín Sotuyo Dodero | Low |
| Product | pom | developer name | Kengo TODA | Low |
| Product | pom | groupid | com.github.spotbugs | Highest |
| Product | pom | name | SpotBugs Annotations | High |
| Product | pom | url | https://spotbugs.github.io/ | Medium |
| Version | file | version | 4.9.6 | High |
| Version | Manifest | Bundle-Version | 4.9.6 | High |
| Version | pom | version | 4.9.6 | Highest |
- pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.6 (Confidence:High)