Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all):
- dependency-check version: 10.0.3
- Report Generated On: Wed, 21 Aug 2024 18:58:50 -0400
- Dependencies Scanned: 8 (8 unique)
- Vulnerable Dependencies: 0
- Vulnerabilities Found: 0
- Vulnerabilities Suppressed: 0
- ...
- NVD API Last Checked: 2024-08-21T18:40:12-04
- NVD API Last Modified: 2024-08-21T22:15:04Z
Summary
Display:
Showing Vulnerable Dependencies (click to show all) checker-qual-3.46.0.jar
Description:
checker-qual contains annotations (type qualifiers) that a programmerwrites to specify Java code for type-checking by the Checker Framework.
License:
The MIT License: http://opensource.org/licenses/MIT
File Path: C:\Users\Jeremy\.m2\repository\org\checkerframework\checker-qual\3.46.0\checker-qual-3.46.0.jar
MD5: 5436ae3f8b4e1dfece73580a232ba98d
SHA1: 829954afc56f1737a1df3ab5aa889de574b97cc4
SHA256:4bc77a172279304c3f35045d6b9c8492780f047e5ad9919d77431caf29e44401
Referenced In Project/Scope: npp:compile
checker-qual-3.46.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.npp/npp@8.6.9
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | checker-qual | High |
| Vendor | jar | package name | checker | Highest |
| Vendor | jar | package name | checkerframework | Highest |
| Vendor | jar | package name | framework | Highest |
| Vendor | jar | package name | qual | Highest |
| Vendor | Manifest | bundle-symbolicname | checker-qual | Medium |
| Vendor | Manifest | implementation-url | https://checkerframework.org | Low |
| Vendor | pom | artifactid | checker-qual | Highest |
| Vendor | pom | artifactid | checker-qual | Low |
| Vendor | pom | developer email | mernst@cs.washington.edu | Low |
| Vendor | pom | developer email | smillst@cs.washington.edu | Low |
| Vendor | pom | developer id | mernst | Medium |
| Vendor | pom | developer id | smillst | Medium |
| Vendor | pom | developer name | Michael Ernst | Medium |
| Vendor | pom | developer name | Suzanne Millstein | Medium |
| Vendor | pom | developer org | University of Washington | Medium |
| Vendor | pom | developer org URL | https://www.cs.washington.edu/ | Medium |
| Vendor | pom | groupid | org.checkerframework | Highest |
| Vendor | pom | name | Checker Qual | High |
| Vendor | pom | url | https://checkerframework.org/ | Highest |
| Product | file | name | checker-qual | High |
| Product | jar | package name | checker | Highest |
| Product | jar | package name | checkerframework | Highest |
| Product | jar | package name | framework | Highest |
| Product | jar | package name | qual | Highest |
| Product | Manifest | Bundle-Name | checker-qual | Medium |
| Product | Manifest | bundle-symbolicname | checker-qual | Medium |
| Product | Manifest | implementation-url | https://checkerframework.org | Low |
| Product | pom | artifactid | checker-qual | Highest |
| Product | pom | developer email | mernst@cs.washington.edu | Low |
| Product | pom | developer email | smillst@cs.washington.edu | Low |
| Product | pom | developer id | mernst | Low |
| Product | pom | developer id | smillst | Low |
| Product | pom | developer name | Michael Ernst | Low |
| Product | pom | developer name | Suzanne Millstein | Low |
| Product | pom | developer org | University of Washington | Low |
| Product | pom | developer org URL | https://www.cs.washington.edu/ | Low |
| Product | pom | groupid | org.checkerframework | Highest |
| Product | pom | name | Checker Qual | High |
| Product | pom | url | https://checkerframework.org/ | Medium |
| Version | file | version | 3.46.0 | High |
| Version | Manifest | Bundle-Version | 3.46.0 | High |
| Version | Manifest | Implementation-Version | 3.46.0 | High |
| Version | pom | version | 3.46.0 | Highest |
error_prone_annotations-2.29.2.jar
Description:
Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time.
License:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\errorprone\error_prone_annotations\2.29.2\error_prone_annotations-2.29.2.jar
MD5: 5f6247dcc6ee86c5ebbe960d4a212472
SHA1: 23bbed35f2d071c8507984834e3e6438c7fee7d2
SHA256:e0a426b2449af2323cfb539b729e5be6f4d65c72075c9b7b18c8e87e63ac468c
Referenced In Project/Scope: npp:provided
error_prone_annotations-2.29.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.npp/npp@8.6.9
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | error_prone_annotations | High |
| Vendor | jar | package name | annotations | Highest |
| Vendor | jar | package name | errorprone | Highest |
| Vendor | jar | package name | google | Highest |
| Vendor | Manifest | build-jdk-spec | 17 | Low |
| Vendor | Manifest | bundle-docurl | https://errorprone.info/error_prone_annotations | Low |
| Vendor | Manifest | bundle-symbolicname | com.google.errorprone.annotations | Medium |
| Vendor | Manifest | multi-release | true | Low |
| Vendor | pom | artifactid | error_prone_annotations | Highest |
| Vendor | pom | artifactid | error_prone_annotations | Low |
| Vendor | pom | groupid | com.google.errorprone | Highest |
| Vendor | pom | name | error-prone annotations | High |
| Vendor | pom | parent-artifactid | error_prone_parent | Low |
| Product | file | name | error_prone_annotations | High |
| Product | jar | package name | annotations | Highest |
| Product | jar | package name | errorprone | Highest |
| Product | jar | package name | google | Highest |
| Product | Manifest | build-jdk-spec | 17 | Low |
| Product | Manifest | bundle-docurl | https://errorprone.info/error_prone_annotations | Low |
| Product | Manifest | Bundle-Name | error-prone annotations | Medium |
| Product | Manifest | bundle-symbolicname | com.google.errorprone.annotations | Medium |
| Product | Manifest | multi-release | true | Low |
| Product | pom | artifactid | error_prone_annotations | Highest |
| Product | pom | groupid | com.google.errorprone | Highest |
| Product | pom | name | error-prone annotations | High |
| Product | pom | parent-artifactid | error_prone_parent | Medium |
| Version | file | version | 2.29.2 | High |
| Version | Manifest | Bundle-Version | 2.29.2 | High |
| Version | pom | version | 2.29.2 | Highest |
j2objc-annotations-3.0.0.jar
Description:
A set of annotations that provide additional information to the J2ObjC
translator to modify the result of translation.
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\j2objc\j2objc-annotations\3.0.0\j2objc-annotations-3.0.0.jar
MD5: f59529b29202a5baf37f491ea5ec8627
SHA1: 7399e65dd7e9ff3404f4535b2f017093bdb134c7
SHA256:88241573467ddca44ffd4d74aa04c2bbfd11bf7c17e0c342c94c9de7a70a7c64
Referenced In Project/Scope: npp:provided
j2objc-annotations-3.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.npp/npp@8.6.9
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | j2objc-annotations | High |
| Vendor | jar | package name | annotations | Highest |
| Vendor | jar | package name | google | Highest |
| Vendor | jar | package name | j2objc | Highest |
| Vendor | Manifest | build-jdk-spec | 11 | Low |
| Vendor | Manifest | multi-release | true | Low |
| Vendor | pom | artifactid | j2objc-annotations | Highest |
| Vendor | pom | artifactid | j2objc-annotations | Low |
| Vendor | pom | developer email | tball@google.com | Low |
| Vendor | pom | developer id | tomball | Medium |
| Vendor | pom | developer name | Tom Ball | Medium |
| Vendor | pom | developer org | Google | Medium |
| Vendor | pom | developer org URL | https://www.google.com | Medium |
| Vendor | pom | groupid | com.google.j2objc | Highest |
| Vendor | pom | name | J2ObjC Annotations | High |
| Vendor | pom | url | google/j2objc/ | Highest |
| Product | file | name | j2objc-annotations | High |
| Product | jar | package name | annotations | Highest |
| Product | jar | package name | google | Highest |
| Product | jar | package name | j2objc | Highest |
| Product | Manifest | build-jdk-spec | 11 | Low |
| Product | Manifest | multi-release | true | Low |
| Product | pom | artifactid | j2objc-annotations | Highest |
| Product | pom | developer email | tball@google.com | Low |
| Product | pom | developer id | tomball | Low |
| Product | pom | developer name | Tom Ball | Low |
| Product | pom | developer org | Google | Low |
| Product | pom | developer org URL | https://www.google.com | Low |
| Product | pom | groupid | com.google.j2objc | Highest |
| Product | pom | name | J2ObjC Annotations | High |
| Product | pom | url | google/j2objc/ | High |
| Version | file | version | 3.0.0 | High |
| Version | pom | version | 3.0.0 | Highest |
jsr305-3.0.2.jar
Description:
JSR305 Annotations for Findbugs
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\code\findbugs\jsr305\3.0.2\jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope: npp:provided
jsr305-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.spotbugs/spotbugs-annotations@4.8.6
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | jsr305 | High |
| Vendor | Manifest | bundle-symbolicname | org.jsr-305 | Medium |
| Vendor | pom | artifactid | jsr305 | Highest |
| Vendor | pom | artifactid | jsr305 | Low |
| Vendor | pom | groupid | com.google.code.findbugs | Highest |
| Vendor | pom | name | FindBugs-jsr305 | High |
| Vendor | pom | url | http://findbugs.sourceforge.net/ | Highest |
| Product | file | name | jsr305 | High |
| Product | Manifest | Bundle-Name | FindBugs-jsr305 | Medium |
| Product | Manifest | bundle-symbolicname | org.jsr-305 | Medium |
| Product | pom | artifactid | jsr305 | Highest |
| Product | pom | groupid | com.google.code.findbugs | Highest |
| Product | pom | name | FindBugs-jsr305 | High |
| Product | pom | url | http://findbugs.sourceforge.net/ | Medium |
| Version | file | version | 3.0.2 | High |
| Version | Manifest | Bundle-Version | 3.0.2 | High |
| Version | pom | version | 3.0.2 | Highest |
lombok-1.18.34.jar: mavenEcjBootstrapAgent.jar
File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.34\lombok-1.18.34.jar\lombok\launch\mavenEcjBootstrapAgent.jar
MD5: e5552f93605e20eb4039662ee38ee41a
SHA1: 257946794d3fbaff9023c991de99d6b7a7be8c8d
SHA256:7f93cde1d476e8d84f51213c52d70eb596fcde669fbd30fbd5a6745346fdde9d
Referenced In Project/Scope: npp:provided
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | mavenEcjBootstrapAgent | High |
| Vendor | jar | package name | launch | Low |
| Vendor | jar | package name | lombok | Low |
| Vendor | Manifest | can-redefine-classes | true | Low |
| Product | file | name | mavenEcjBootstrapAgent | High |
| Product | jar | package name | launch | Low |
| Product | Manifest | can-redefine-classes | true | Low |
lombok-1.18.34.jar
Description:
Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!
License:
The MIT License: https://projectlombok.org/LICENSE
File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.34\lombok-1.18.34.jar
MD5: 91ce91dbfa7694bff4ddc1e51643f8b2
SHA1: ec547ef414ab1d2c040118fb9c1c265ada63af14
SHA256:c27d6b2aff56241d1b07fcbcc6b183709e6b432c80f7374eeb1d823e86d4b81a
Referenced In Project/Scope: npp:provided
lombok-1.18.34.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.npp/npp@8.6.9
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | lombok | High |
| Vendor | jar | package name | java | Highest |
| Vendor | jar | package name | lombok | Highest |
| Vendor | jar | package name | tostring | Highest |
| Vendor | Manifest | automatic-module-name | lombok | Medium |
| Vendor | Manifest | can-redefine-classes | true | Low |
| Vendor | pom | artifactid | lombok | Highest |
| Vendor | pom | artifactid | lombok | Low |
| Vendor | pom | developer email | reinier@projectlombok.org | Low |
| Vendor | pom | developer email | roel@projectlombok.org | Low |
| Vendor | pom | developer id | rspilker | Medium |
| Vendor | pom | developer id | rzwitserloot | Medium |
| Vendor | pom | developer name | Reinier Zwitserloot | Medium |
| Vendor | pom | developer name | Roel Spilker | Medium |
| Vendor | pom | groupid | org.projectlombok | Highest |
| Vendor | pom | name | Project Lombok | High |
| Vendor | pom | url | https://projectlombok.org | Highest |
| Product | file | name | lombok | High |
| Product | jar | package name | java | Highest |
| Product | jar | package name | lombok | Highest |
| Product | jar | package name | tostring | Highest |
| Product | Manifest | automatic-module-name | lombok | Medium |
| Product | Manifest | can-redefine-classes | true | Low |
| Product | pom | artifactid | lombok | Highest |
| Product | pom | developer email | reinier@projectlombok.org | Low |
| Product | pom | developer email | roel@projectlombok.org | Low |
| Product | pom | developer id | rspilker | Low |
| Product | pom | developer id | rzwitserloot | Low |
| Product | pom | developer name | Reinier Zwitserloot | Low |
| Product | pom | developer name | Roel Spilker | Low |
| Product | pom | groupid | org.projectlombok | Highest |
| Product | pom | name | Project Lombok | High |
| Product | pom | url | https://projectlombok.org | Medium |
| Version | file | version | 1.18.34 | High |
| Version | Manifest | lombok-version | 1.18.34 | Medium |
| Version | pom | version | 1.18.34 | Highest |
modernizer-maven-annotations-2.9.0.jar
File Path: C:\Users\Jeremy\.m2\repository\org\gaul\modernizer-maven-annotations\2.9.0\modernizer-maven-annotations-2.9.0.jar
MD5: 638a555dc0ff4c996e8a920215fc8ea4
SHA1: 4de00c50ce237cf7a721ffe907e11f0688538b04
SHA256:baeca9a46aae8dbe8075058726389112382bc60be811e70886fbaba57c68502f
Referenced In Project/Scope: npp:provided
modernizer-maven-annotations-2.9.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.npp/npp@8.6.9
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | modernizer-maven-annotations | High |
| Vendor | jar | package name | gaul | Highest |
| Vendor | Manifest | build-jdk-spec | 21 | Low |
| Vendor | Manifest | multi-release | true | Low |
| Vendor | pom | artifactid | modernizer-maven-annotations | Highest |
| Vendor | pom | artifactid | modernizer-maven-annotations | Low |
| Vendor | pom | groupid | org.gaul | Highest |
| Vendor | pom | name | Modernizer Maven Plugin annotations | High |
| Vendor | pom | parent-artifactid | modernizer-maven-parent | Low |
| Product | file | name | modernizer-maven-annotations | High |
| Product | jar | package name | gaul | Highest |
| Product | Manifest | build-jdk-spec | 21 | Low |
| Product | Manifest | multi-release | true | Low |
| Product | pom | artifactid | modernizer-maven-annotations | Highest |
| Product | pom | groupid | org.gaul | Highest |
| Product | pom | name | Modernizer Maven Plugin annotations | High |
| Product | pom | parent-artifactid | modernizer-maven-parent | Medium |
| Version | file | version | 2.9.0 | High |
| Version | pom | version | 2.9.0 | Highest |
spotbugs-annotations-4.8.6.jar
Description:
Annotations the SpotBugs tool supports
License:
GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html
File Path: C:\Users\Jeremy\.m2\repository\com\github\spotbugs\spotbugs-annotations\4.8.6\spotbugs-annotations-4.8.6.jar
MD5: 0806b237c67c69869506ce3ced9a722f
SHA1: 1dcffed3e561ed32134a0dff4717f19bc2fdf4d8
SHA256:4548b74a815ed44f5480ca4f06204a8b00809dc7e5f6a825a9edf18f40377b65
Referenced In Project/Scope: npp:provided
spotbugs-annotations-4.8.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.npp/npp@8.6.9
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | spotbugs-annotations | High |
| Vendor | Manifest | automatic-module-name | com.github.spotbugs.annotations | Medium |
| Vendor | Manifest | bundle-requiredexecutionenvironment | J2SE-1.5 | Low |
| Vendor | Manifest | bundle-symbolicname | spotbugs-annotations | Medium |
| Vendor | pom | artifactid | spotbugs-annotations | Highest |
| Vendor | pom | artifactid | spotbugs-annotations | Low |
| Vendor | pom | developer email | andreas.sewe@codetrails.com | Low |
| Vendor | pom | developer email | dbrosius@mebigfatguy.com | Low |
| Vendor | pom | developer email | loskutov@gmx.de | Low |
| Vendor | pom | developer email | skypencil@gmail.com | Low |
| Vendor | pom | developer id | henrik242 | Medium |
| Vendor | pom | developer id | iloveeclipse | Medium |
| Vendor | pom | developer id | jsotuyod | Medium |
| Vendor | pom | developer id | KengoTODA | Medium |
| Vendor | pom | developer id | mebigfatguy | Medium |
| Vendor | pom | developer id | sewe | Medium |
| Vendor | pom | developer id | ThrawnCA | Medium |
| Vendor | pom | developer name | Andreas Sewe | Medium |
| Vendor | pom | developer name | Andrey Loskutov | Medium |
| Vendor | pom | developer name | Dave Brosius | Medium |
| Vendor | pom | developer name | Juan Martín Sotuyo Dodero | Medium |
| Vendor | pom | developer name | Kengo TODA | Medium |
| Vendor | pom | groupid | com.github.spotbugs | Highest |
| Vendor | pom | name | SpotBugs Annotations | High |
| Vendor | pom | url | https://spotbugs.github.io/ | Highest |
| Product | file | name | spotbugs-annotations | High |
| Product | Manifest | automatic-module-name | com.github.spotbugs.annotations | Medium |
| Product | Manifest | Bundle-Name | spotbugs-annotations | Medium |
| Product | Manifest | bundle-requiredexecutionenvironment | J2SE-1.5 | Low |
| Product | Manifest | bundle-symbolicname | spotbugs-annotations | Medium |
| Product | pom | artifactid | spotbugs-annotations | Highest |
| Product | pom | developer email | andreas.sewe@codetrails.com | Low |
| Product | pom | developer email | dbrosius@mebigfatguy.com | Low |
| Product | pom | developer email | loskutov@gmx.de | Low |
| Product | pom | developer email | skypencil@gmail.com | Low |
| Product | pom | developer id | henrik242 | Low |
| Product | pom | developer id | iloveeclipse | Low |
| Product | pom | developer id | jsotuyod | Low |
| Product | pom | developer id | KengoTODA | Low |
| Product | pom | developer id | mebigfatguy | Low |
| Product | pom | developer id | sewe | Low |
| Product | pom | developer id | ThrawnCA | Low |
| Product | pom | developer name | Andreas Sewe | Low |
| Product | pom | developer name | Andrey Loskutov | Low |
| Product | pom | developer name | Dave Brosius | Low |
| Product | pom | developer name | Juan Martín Sotuyo Dodero | Low |
| Product | pom | developer name | Kengo TODA | Low |
| Product | pom | groupid | com.github.spotbugs | Highest |
| Product | pom | name | SpotBugs Annotations | High |
| Product | pom | url | https://spotbugs.github.io/ | Medium |
| Version | file | version | 4.8.6 | High |
| Version | Manifest | Bundle-Version | 4.8.6 | High |
| Version | pom | version | 4.8.6 | Highest |