Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

 Sponsor

Project: gradle

com.github.hazendaz.gradle:gradle:8.11.1

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
checker-qual-3.48.2.jarpkg:maven/org.checkerframework/checker-qual@3.48.2 044
error_prone_annotations-2.35.1.jarpkg:maven/com.google.errorprone/error_prone_annotations@2.35.1 029
j2objc-annotations-3.0.0.jarpkg:maven/com.google.j2objc/j2objc-annotations@3.0.0 033
jsr305-3.0.2.jarpkg:maven/com.google.code.findbugs/jsr305@3.0.2 017
lombok-1.18.36.jar: mavenEcjBootstrapAgent.jar 07
lombok-1.18.36.jarpkg:maven/org.projectlombok/lombok@1.18.36 036
modernizer-maven-annotations-2.9.0.jarpkg:maven/org.gaul/modernizer-maven-annotations@2.9.0 019
spotbugs-annotations-4.8.6.jarpkg:maven/com.github.spotbugs/spotbugs-annotations@4.8.6 053

Dependencies (vulnerable)

checker-qual-3.48.2.jar

Description:

checker-qual contains annotations (type qualifiers) that a programmerwrites to specify Java code for type-checking by the Checker Framework.

License:

The MIT License: http://opensource.org/licenses/MIT
File Path: C:\Users\Jeremy\.m2\repository\org\checkerframework\checker-qual\3.48.2\checker-qual-3.48.2.jar
MD5: dbf6dc63dfb8a5b4c739cb844fd66dcd
SHA1: 2a4797df796b23026b8215545b0d2936bacc52af
SHA256:af23f20c995b2fede35b1eba81177a9a66944ec67b8e4dee19aa4cc0b710c6b5
Referenced In Project/Scope: gradle:compile
checker-qual-3.48.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.gradle/gradle@8.11.1

Identifiers

error_prone_annotations-2.35.1.jar

Description:

Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time.

License:

Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\errorprone\error_prone_annotations\2.35.1\error_prone_annotations-2.35.1.jar
MD5: e017d8c88988d129e9076546a8d0a714
SHA1: c36f9e12192226278c2b163bf61990b131e59903
SHA256:03b63fee38e3a86fda311af5a0357e64eea44909aab5251ed178119270508ff5
Referenced In Project/Scope: gradle:provided
error_prone_annotations-2.35.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.gradle/gradle@8.11.1

Identifiers

j2objc-annotations-3.0.0.jar

Description:

    A set of annotations that provide additional information to the J2ObjC
    translator to modify the result of translation.
  

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\j2objc\j2objc-annotations\3.0.0\j2objc-annotations-3.0.0.jar
MD5: f59529b29202a5baf37f491ea5ec8627
SHA1: 7399e65dd7e9ff3404f4535b2f017093bdb134c7
SHA256:88241573467ddca44ffd4d74aa04c2bbfd11bf7c17e0c342c94c9de7a70a7c64
Referenced In Project/Scope: gradle:provided
j2objc-annotations-3.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.gradle/gradle@8.11.1

Identifiers

jsr305-3.0.2.jar

Description:

JSR305 Annotations for Findbugs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\code\findbugs\jsr305\3.0.2\jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope: gradle:provided
jsr305-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.spotbugs/spotbugs-annotations@4.8.6

Identifiers

lombok-1.18.36.jar: mavenEcjBootstrapAgent.jar

File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.36\lombok-1.18.36.jar\lombok\launch\mavenEcjBootstrapAgent.jar
MD5: 27467519bf9615b24cad3b003c4353a9
SHA1: 37d92e0a726a67883ab94bee27c6f292e6318dcd
SHA256:9566d0706d6245cac3cdd9db6d1d81551aa3e727febcf64452c6db9701c40037
Referenced In Project/Scope: gradle:provided

Identifiers

  • None

lombok-1.18.36.jar

Description:

Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!

License:

The MIT License: https://projectlombok.org/LICENSE
File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.36\lombok-1.18.36.jar
MD5: 92c08153ae16c161c8cc2cc8185d2724
SHA1: 5a30490a6e14977d97d9c73c924c1f1b5311ea95
SHA256:73b6b05b6a2d365b700bab08d30f94de9d336490bc0acce5b6181fef48cbf18e
Referenced In Project/Scope: gradle:provided
lombok-1.18.36.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.gradle/gradle@8.11.1

Identifiers

modernizer-maven-annotations-2.9.0.jar

File Path: C:\Users\Jeremy\.m2\repository\org\gaul\modernizer-maven-annotations\2.9.0\modernizer-maven-annotations-2.9.0.jar
MD5: 638a555dc0ff4c996e8a920215fc8ea4
SHA1: 4de00c50ce237cf7a721ffe907e11f0688538b04
SHA256:baeca9a46aae8dbe8075058726389112382bc60be811e70886fbaba57c68502f
Referenced In Project/Scope: gradle:provided
modernizer-maven-annotations-2.9.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.gradle/gradle@8.11.1

Identifiers

spotbugs-annotations-4.8.6.jar

Description:

Annotations the SpotBugs tool supports

License:

GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html
File Path: C:\Users\Jeremy\.m2\repository\com\github\spotbugs\spotbugs-annotations\4.8.6\spotbugs-annotations-4.8.6.jar
MD5: 0806b237c67c69869506ce3ced9a722f
SHA1: 1dcffed3e561ed32134a0dff4717f19bc2fdf4d8
SHA256:4548b74a815ed44f5480ca4f06204a8b00809dc7e5f6a825a9edf18f40377b65
Referenced In Project/Scope: gradle:provided
spotbugs-annotations-4.8.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.gradle/gradle@8.11.1

Identifiers



This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the CISA Known Exploited Vulnerability Catalog.
This report may contain data retrieved from the Github Advisory Database (via NPM Audit API).
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.