Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

 Sponsor

Project: putty

com.github.hazendaz.putty:putty:0.81

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
checker-qual-3.42.0.jarpkg:maven/org.checkerframework/checker-qual@3.42.0 046
error_prone_annotations-2.26.1.jarpkg:maven/com.google.errorprone/error_prone_annotations@2.26.1 029
j2objc-annotations-3.0.0.jarpkg:maven/com.google.j2objc/j2objc-annotations@3.0.0 033
jsr305-3.0.2.jarpkg:maven/com.google.code.findbugs/jsr305@3.0.2 017
lombok-1.18.32.jar: mavenEcjBootstrapAgent.jar 07
lombok-1.18.32.jarpkg:maven/org.projectlombok/lombok@1.18.32 036
modernizer-maven-annotations-2.8.0.jarpkg:maven/org.gaul/modernizer-maven-annotations@2.8.0 019
spotbugs-annotations-4.8.3.jarpkg:maven/com.github.spotbugs/spotbugs-annotations@4.8.3 053

Dependencies (vulnerable)

checker-qual-3.42.0.jar

Description:

checker-qual contains annotations (type qualifiers) that a programmer
writes to specify Java code for type-checking by the Checker Framework.

License:

The MIT License: http://opensource.org/licenses/MIT
File Path: C:\Users\Jeremy\.m2\repository\org\checkerframework\checker-qual\3.42.0\checker-qual-3.42.0.jar
MD5: 4c55448dcbfe9c3702f7758fc8fe0086
SHA1: 638ec33f363a94d41a4f03c3e7d3dcfba64e402d
SHA256:ccaedd33af0b7894d9f2f3b644f4d19e43928e32902e61ac4d10777830f5aac7
Referenced In Project/Scope: putty:provided
checker-qual-3.42.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.putty/putty@0.81

Identifiers

error_prone_annotations-2.26.1.jar

Description:

Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time.

License:

Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\errorprone\error_prone_annotations\2.26.1\error_prone_annotations-2.26.1.jar
MD5: 64c623e550068e3b2708e5d901865c56
SHA1: c1fde57694bdc14e8618899aaa6e857d9465d7de
SHA256:de25f2d9a2156529bd765f51d8efdfc0dfa7301e04efb9cc75b7f10cf5d0e0fb
Referenced In Project/Scope: putty:provided
error_prone_annotations-2.26.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.putty/putty@0.81

Identifiers

j2objc-annotations-3.0.0.jar

Description:

    A set of annotations that provide additional information to the J2ObjC
    translator to modify the result of translation.
  

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\j2objc\j2objc-annotations\3.0.0\j2objc-annotations-3.0.0.jar
MD5: f59529b29202a5baf37f491ea5ec8627
SHA1: 7399e65dd7e9ff3404f4535b2f017093bdb134c7
SHA256:88241573467ddca44ffd4d74aa04c2bbfd11bf7c17e0c342c94c9de7a70a7c64
Referenced In Project/Scope: putty:provided
j2objc-annotations-3.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.putty/putty@0.81

Identifiers

jsr305-3.0.2.jar

Description:

JSR305 Annotations for Findbugs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\code\findbugs\jsr305\3.0.2\jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope: putty:provided
jsr305-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.spotbugs/spotbugs-annotations@4.8.3

Identifiers

lombok-1.18.32.jar: mavenEcjBootstrapAgent.jar

File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.32\lombok-1.18.32.jar\lombok\launch\mavenEcjBootstrapAgent.jar
MD5: 81090c80616485973f6cd4a19d72bbdb
SHA1: ed1e7c8794dea7c7f7050098d56b2751b9f91288
SHA256:e97851350e56f4d1b02356ef61276886831e3a5e33a914ea95e878e2a46df69e
Referenced In Project/Scope: putty:provided

Identifiers

  • None

lombok-1.18.32.jar

Description:

Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!

License:

The MIT License: https://projectlombok.org/LICENSE
File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.32\lombok-1.18.32.jar
MD5: 56e9be7b9a26802ac0c784ad824f3a29
SHA1: 17d46b3e205515e1e8efd3ee4d57ce8018914163
SHA256:97574674e2a25f567a313736ace00df8787d443de316407d57fc877d9f19a65d
Referenced In Project/Scope: putty:provided
lombok-1.18.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.putty/putty@0.81

Identifiers

modernizer-maven-annotations-2.8.0.jar

File Path: C:\Users\Jeremy\.m2\repository\org\gaul\modernizer-maven-annotations\2.8.0\modernizer-maven-annotations-2.8.0.jar
MD5: 57078091b544a42461a328cccb46779a
SHA1: 5b1f18c161ae683384b2574cf93084d74d15a715
SHA256:a7ce2957c2301fdae8bb65f66fe484732fc3efc0f2e584d5e0da64267070da0e
Referenced In Project/Scope: putty:provided
modernizer-maven-annotations-2.8.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.putty/putty@0.81

Identifiers

spotbugs-annotations-4.8.3.jar

Description:

Annotations the SpotBugs tool supports

License:

GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html
File Path: C:\Users\Jeremy\.m2\repository\com\github\spotbugs\spotbugs-annotations\4.8.3\spotbugs-annotations-4.8.3.jar
MD5: cd5917b77643c3a7ba5420aea78f940c
SHA1: 05d2dc4ca5b632976371155252499819aea372ed
SHA256:e5d4f60be8e57595766ba7f1d4535dc46aebf98dae05e16372a4d4120d3ebb6b
Referenced In Project/Scope: putty:provided
spotbugs-annotations-4.8.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.putty/putty@0.81

Identifiers



This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the CISA Known Exploited Vulnerability Catalog.
This report may contain data retrieved from the Github Advisory Database (via NPM Audit API).
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.