Dependency-Check Report

Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

Scan Information (show all):

dependency-check version: 12.1.8
Report Generated On: Sun, 7 Dec 2025 13:32:20 -0500
Dependencies Scanned: 22 (18 unique)
Vulnerable Dependencies: 0
Vulnerabilities Found: 0
Vulnerabilities Suppressed: 0
...
NVD API Last Checked: 2025-12-07T12:06:41-05
NVD API Last Modified: 2025-12-07T16:15:47Z

Summary

Summary of Vulnerable Dependencies (click to show all)

Dependency	Vulnerability IDs	Package	Confidence	Evidence Count
apiguardian-api-1.1.2.jar		pkg:maven/org.apiguardian/apiguardian-api@1.1.2		40
checker-qual-3.51.1.jar		pkg:maven/org.checkerframework/checker-qual@3.51.1		44
commons-lang3-3.20.0.jar	cpe:2.3:a:apache:commons_lang:3.20.0:::::::*	pkg:maven/org.apache.commons/commons-lang3@3.20.0	Highest	145
dbunit-3.0.0.jar	cpe:2.3:a:golden_project:golden:3.0.0:::::::*	pkg:maven/org.dbunit/dbunit@3.0.0	Low	96
error_prone_annotations-2.43.0.jar		pkg:maven/com.google.errorprone/error_prone_annotations@2.43.0		29
j2objc-annotations-3.1.jar		pkg:maven/com.google.j2objc/j2objc-annotations@3.1		33
jspecify-1.0.0.jar		pkg:maven/org.jspecify/jspecify@1.0.0		32
jsr305-3.0.2.jar		pkg:maven/com.google.code.findbugs/jsr305@3.0.2		17
junit-platform-engine-6.0.1.jar	cpe:2.3:a:fan_platform_project:fan_platform:6.0.1:::::::*	pkg:maven/org.junit.platform/junit-platform-engine@6.0.1	Low	76
lombok-1.18.42.jar: mavenEcjBootstrapAgent.jar				7
lombok-1.18.42.jar		pkg:maven/org.projectlombok/lombok@1.18.42		36
modernizer-maven-annotations-3.2.0.jar		pkg:maven/org.gaul/modernizer-maven-annotations@3.2.0		19
ojdbc11-23.26.0.0.0.jar	cpe:2.3:a:oracle:jdbc:23.26.0.0.0:::::::*	pkg:maven/com.oracle.database.jdbc/ojdbc11@23.26.0.0.0	Highest	33
opentest4j-1.3.0.jar		pkg:maven/org.opentest4j/opentest4j@1.3.0		60
postgresql-42.7.8.jar	cpe:2.3:a:postgresql:postgresql_jdbc_driver:42.7.8:::::::*	pkg:maven/org.postgresql/postgresql@42.7.8	Low	68
slf4j-api-2.0.17.jar		pkg:maven/org.slf4j/slf4j-api@2.0.17		29
snakeyaml-2.5.jar	cpe:2.3:a:snakeyaml_project:snakeyaml:2.5:::::::*	pkg:maven/org.yaml/snakeyaml@2.5	Highest	42
spotbugs-annotations-4.9.8.jar		pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.8		53

Dependencies (vulnerable)

apiguardian-api-1.1.2.jar

Description:

@API Guardian

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: C:\Users\Jeremy\.m2\repository\org\apiguardian\apiguardian-api\1.1.2\apiguardian-api-1.1.2.jar
MD5: 8c7de3f82037fa4a2e8be2a2f13092af
SHA1: a231e0d844d2721b0fa1b238006d15c6ded6842a
SHA256:b509448ac506d607319f182537f0b35d71007582ec741832a1f111e5b5b70b38
Referenced In Project/Scope: scriptable-dataset:compile
pkg:maven/org.junit.jupiter/junit-jupiter-api@6.0.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	apiguardian-api	High
Vendor	jar	package name	api	Highest
Vendor	jar	package name	apiguardian	Highest
Vendor	Manifest	build-date	2021-06-27	Low
Vendor	Manifest	build-revision	aa952a1b9d5b4e9cc0af853e2c140c2455b397be	Low
Vendor	Manifest	build-time	14:53:10.089+0200	Low
Vendor	Manifest	bundle-docurl	https://github.com/apiguardian-team/apiguardian	Low
Vendor	Manifest	bundle-symbolicname	org.apiguardian.api	Medium
Vendor	Manifest	Implementation-Vendor	apiguardian.org	High
Vendor	Manifest	specification-vendor	apiguardian.org	Low
Vendor	pom	artifactid	apiguardian-api	Highest
Vendor	pom	artifactid	apiguardian-api	Low
Vendor	pom	developer email	team@apiguardian.org	Low
Vendor	pom	developer id	apiguardian	Medium
Vendor	pom	developer name	@API Guardian Team	Medium
Vendor	pom	groupid	org.apiguardian	Highest
Vendor	pom	name	org.apiguardian:apiguardian-api	High
Vendor	pom	url	apiguardian-team/apiguardian	Highest
Product	file	name	apiguardian-api	High
Product	jar	package name	api	Highest
Product	jar	package name	apiguardian	Highest
Product	Manifest	build-date	2021-06-27	Low
Product	Manifest	build-revision	aa952a1b9d5b4e9cc0af853e2c140c2455b397be	Low
Product	Manifest	build-time	14:53:10.089+0200	Low
Product	Manifest	bundle-docurl	https://github.com/apiguardian-team/apiguardian	Low
Product	Manifest	Bundle-Name	apiguardian-api	Medium
Product	Manifest	bundle-symbolicname	org.apiguardian.api	Medium
Product	Manifest	Implementation-Title	apiguardian-api	High
Product	Manifest	specification-title	apiguardian-api	Medium
Product	pom	artifactid	apiguardian-api	Highest
Product	pom	developer email	team@apiguardian.org	Low
Product	pom	developer id	apiguardian	Low
Product	pom	developer name	@API Guardian Team	Low
Product	pom	groupid	org.apiguardian	Highest
Product	pom	name	org.apiguardian:apiguardian-api	High
Product	pom	url	apiguardian-team/apiguardian	High
Version	file	version	1.1.2	High
Version	Manifest	Bundle-Version	1.1.2	High
Version	Manifest	Implementation-Version	1.1.2	High
Version	pom	version	1.1.2	Highest

Identifiers

pkg:maven/org.apiguardian/apiguardian-api@1.1.2 (Confidence:High)

checker-qual-3.51.1.jar

Description:

checker-qual contains annotations (type qualifiers) that a programmerwrites to specify Java code for type-checking by the Checker Framework.

License:

The MIT License: http://opensource.org/licenses/MIT

File Path: C:\Users\Jeremy\.m2\repository\org\checkerframework\checker-qual\3.51.1\checker-qual-3.51.1.jar
MD5: 1b247ba89d3b8776fa6223324b934f56
SHA1: d69c339a293b5ec04b26c9d994cbeffb7056d122
SHA256:153aeffe56ca24f3a9b8b6c6ff813eace9620ccf35adfab91d491682e56cd5ce
Referenced In Project/Scope: scriptable-dataset:compile
pkg:maven/com.github.hazendaz/scriptable-dataset@3.1.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	checker-qual	High
Vendor	jar	package name	checker	Highest
Vendor	jar	package name	checkerframework	Highest
Vendor	jar	package name	framework	Highest
Vendor	jar	package name	qual	Highest
Vendor	Manifest	bundle-symbolicname	checker-qual	Medium
Vendor	Manifest	implementation-url	https://checkerframework.org	Low
Vendor	pom	artifactid	checker-qual	Highest
Vendor	pom	artifactid	checker-qual	Low
Vendor	pom	developer email	mernst@cs.washington.edu	Low
Vendor	pom	developer email	smillst@cs.washington.edu	Low
Vendor	pom	developer id	mernst	Medium
Vendor	pom	developer id	smillst	Medium
Vendor	pom	developer name	Michael Ernst	Medium
Vendor	pom	developer name	Suzanne Millstein	Medium
Vendor	pom	developer org	University of Washington	Medium
Vendor	pom	developer org URL	https://www.cs.washington.edu/	Medium
Vendor	pom	groupid	org.checkerframework	Highest
Vendor	pom	name	Checker Qual	High
Vendor	pom	url	https://checkerframework.org/	Highest
Product	file	name	checker-qual	High
Product	jar	package name	checker	Highest
Product	jar	package name	checkerframework	Highest
Product	jar	package name	framework	Highest
Product	jar	package name	qual	Highest
Product	Manifest	Bundle-Name	checker-qual	Medium
Product	Manifest	bundle-symbolicname	checker-qual	Medium
Product	Manifest	implementation-url	https://checkerframework.org	Low
Product	pom	artifactid	checker-qual	Highest
Product	pom	developer email	mernst@cs.washington.edu	Low
Product	pom	developer email	smillst@cs.washington.edu	Low
Product	pom	developer id	mernst	Low
Product	pom	developer id	smillst	Low
Product	pom	developer name	Michael Ernst	Low
Product	pom	developer name	Suzanne Millstein	Low
Product	pom	developer org	University of Washington	Low
Product	pom	developer org URL	https://www.cs.washington.edu/	Low
Product	pom	groupid	org.checkerframework	Highest
Product	pom	name	Checker Qual	High
Product	pom	url	https://checkerframework.org/	Medium
Version	file	version	3.51.1	High
Version	Manifest	Bundle-Version	3.51.1	High
Version	Manifest	Implementation-Version	3.51.1	High
Version	pom	version	3.51.1	Highest

Identifiers

pkg:maven/org.checkerframework/checker-qual@3.51.1 (Confidence:High)

commons-lang3-3.20.0.jar

Description:

  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.

  The code is tested using the latest revision of the JDK for supported
  LTS releases: 8, 11, 17, 21 and 25 currently.
  See https://github.com/apache/commons-lang/blob/master/.github/workflows/maven.yml
  
  Please ensure your build environment is up-to-date and kindly report any build issues.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: C:\Users\Jeremy\.m2\repository\org\apache\commons\commons-lang3\3.20.0\commons-lang3-3.20.0.jar
MD5: 4b29562ded527aa074e1d44f8646dac5
SHA1: 65897b3e5731220962e659e001904af3c3cbeba9
SHA256:69e5c9fa35da7a51a5fd2099dfe56a2d8d32cf233e2f6d770e796146440263f4
Referenced In Project/Scope: scriptable-dataset:compile
pkg:maven/com.github.hazendaz/scriptable-dataset@3.1.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	commons-lang3	High
Vendor	jar	package name	apache	Highest
Vendor	jar	package name	commons	Highest
Vendor	jar	package name	lang3	Highest
Vendor	Manifest	automatic-module-name	org.apache.commons.lang3	Medium
Vendor	Manifest	build-jdk-spec	25	Low
Vendor	Manifest	bundle-docurl	https://commons.apache.org/proper/commons-lang/	Low
Vendor	Manifest	bundle-symbolicname	org.apache.commons.lang3	Medium
Vendor	Manifest	Implementation-Vendor	The Apache Software Foundation	High
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	specification-vendor	The Apache Software Foundation	Low
Vendor	pom	artifactid	commons-lang3	Highest
Vendor	pom	artifactid	commons-lang3	Low
Vendor	pom	developer email	bayard@apache.org	Low
Vendor	pom	developer email	britter@apache.org	Low
Vendor	pom	developer email	chtompki@apache.org	Low
Vendor	pom	developer email	djones@apache.org	Low
Vendor	pom	developer email	dlr@finemaltcoding.com	Low
Vendor	pom	developer email	ggregory at apache.org	Low
Vendor	pom	developer email	jcarman@apache.org	Low
Vendor	pom	developer email	joerg.schaible@gmx.de	Low
Vendor	pom	developer email	lguibert@apache.org	Low
Vendor	pom	developer email	oheger@apache.org	Low
Vendor	pom	developer email	pbenedict@apache.org	Low
Vendor	pom	developer email	rdonkin@apache.org	Low
Vendor	pom	developer email	scolebourne@joda.org	Low
Vendor	pom	developer email	stevencaswell@apache.org	Low
Vendor	pom	developer id	bayard	Medium
Vendor	pom	developer id	britter	Medium
Vendor	pom	developer id	chtompki	Medium
Vendor	pom	developer id	djones	Medium
Vendor	pom	developer id	dlr	Medium
Vendor	pom	developer id	fredrik	Medium
Vendor	pom	developer id	ggregory	Medium
Vendor	pom	developer id	jcarman	Medium
Vendor	pom	developer id	joehni	Medium
Vendor	pom	developer id	lguibert	Medium
Vendor	pom	developer id	mbenson	Medium
Vendor	pom	developer id	niallp	Medium
Vendor	pom	developer id	oheger	Medium
Vendor	pom	developer id	pbenedict	Medium
Vendor	pom	developer id	rdonkin	Medium
Vendor	pom	developer id	scaswell	Medium
Vendor	pom	developer id	scolebourne	Medium
Vendor	pom	developer name	Benedikt Ritter	Medium
Vendor	pom	developer name	Daniel Rall	Medium
Vendor	pom	developer name	Duncan Jones	Medium
Vendor	pom	developer name	Fredrik Westermarck	Medium
Vendor	pom	developer name	Gary Gregory	Medium
Vendor	pom	developer name	Henri Yandell	Medium
Vendor	pom	developer name	James Carman	Medium
Vendor	pom	developer name	Joerg Schaible	Medium
Vendor	pom	developer name	Loic Guibert	Medium
Vendor	pom	developer name	Matt Benson	Medium
Vendor	pom	developer name	Niall Pemberton	Medium
Vendor	pom	developer name	Oliver Heger	Medium
Vendor	pom	developer name	Paul Benedict	Medium
Vendor	pom	developer name	Rob Tompkins	Medium
Vendor	pom	developer name	Robert Burrell Donkin	Medium
Vendor	pom	developer name	Stephen Colebourne	Medium
Vendor	pom	developer name	Steven Caswell	Medium
Vendor	pom	developer org	Carman Consulting, Inc.	Medium
Vendor	pom	developer org	CollabNet, Inc.	Medium
Vendor	pom	developer org	SITA ATS Ltd	Medium
Vendor	pom	developer org	The Apache Software Foundation	Medium
Vendor	pom	developer org URL	https://www.apache.org/	Medium
Vendor	pom	groupid	org.apache.commons	Highest
Vendor	pom	name	Apache Commons Lang	High
Vendor	pom	parent-artifactid	commons-parent	Low
Vendor	pom	url	https://commons.apache.org/proper/commons-lang/	Highest
Product	file	name	commons-lang3	High
Product	jar	package name	apache	Highest
Product	jar	package name	commons	Highest
Product	jar	package name	lang3	Highest
Product	Manifest	automatic-module-name	org.apache.commons.lang3	Medium
Product	Manifest	build-jdk-spec	25	Low
Product	Manifest	bundle-docurl	https://commons.apache.org/proper/commons-lang/	Low
Product	Manifest	Bundle-Name	Apache Commons Lang	Medium
Product	Manifest	bundle-symbolicname	org.apache.commons.lang3	Medium
Product	Manifest	Implementation-Title	Apache Commons Lang	High
Product	Manifest	multi-release	true	Low
Product	Manifest	specification-title	Apache Commons Lang	Medium
Product	pom	artifactid	commons-lang3	Highest
Product	pom	developer email	bayard@apache.org	Low
Product	pom	developer email	britter@apache.org	Low
Product	pom	developer email	chtompki@apache.org	Low
Product	pom	developer email	djones@apache.org	Low
Product	pom	developer email	dlr@finemaltcoding.com	Low
Product	pom	developer email	ggregory at apache.org	Low
Product	pom	developer email	jcarman@apache.org	Low
Product	pom	developer email	joerg.schaible@gmx.de	Low
Product	pom	developer email	lguibert@apache.org	Low
Product	pom	developer email	oheger@apache.org	Low
Product	pom	developer email	pbenedict@apache.org	Low
Product	pom	developer email	rdonkin@apache.org	Low
Product	pom	developer email	scolebourne@joda.org	Low
Product	pom	developer email	stevencaswell@apache.org	Low
Product	pom	developer id	bayard	Low
Product	pom	developer id	britter	Low
Product	pom	developer id	chtompki	Low
Product	pom	developer id	djones	Low
Product	pom	developer id	dlr	Low
Product	pom	developer id	fredrik	Low
Product	pom	developer id	ggregory	Low
Product	pom	developer id	jcarman	Low
Product	pom	developer id	joehni	Low
Product	pom	developer id	lguibert	Low
Product	pom	developer id	mbenson	Low
Product	pom	developer id	niallp	Low
Product	pom	developer id	oheger	Low
Product	pom	developer id	pbenedict	Low
Product	pom	developer id	rdonkin	Low
Product	pom	developer id	scaswell	Low
Product	pom	developer id	scolebourne	Low
Product	pom	developer name	Benedikt Ritter	Low
Product	pom	developer name	Daniel Rall	Low
Product	pom	developer name	Duncan Jones	Low
Product	pom	developer name	Fredrik Westermarck	Low
Product	pom	developer name	Gary Gregory	Low
Product	pom	developer name	Henri Yandell	Low
Product	pom	developer name	James Carman	Low
Product	pom	developer name	Joerg Schaible	Low
Product	pom	developer name	Loic Guibert	Low
Product	pom	developer name	Matt Benson	Low
Product	pom	developer name	Niall Pemberton	Low
Product	pom	developer name	Oliver Heger	Low
Product	pom	developer name	Paul Benedict	Low
Product	pom	developer name	Rob Tompkins	Low
Product	pom	developer name	Robert Burrell Donkin	Low
Product	pom	developer name	Stephen Colebourne	Low
Product	pom	developer name	Steven Caswell	Low
Product	pom	developer org	Carman Consulting, Inc.	Low
Product	pom	developer org	CollabNet, Inc.	Low
Product	pom	developer org	SITA ATS Ltd	Low
Product	pom	developer org	The Apache Software Foundation	Low
Product	pom	developer org URL	https://www.apache.org/	Low
Product	pom	groupid	org.apache.commons	Highest
Product	pom	name	Apache Commons Lang	High
Product	pom	parent-artifactid	commons-parent	Medium
Product	pom	url	https://commons.apache.org/proper/commons-lang/	Medium
Version	file	version	3.20.0	High
Version	Manifest	Bundle-Version	3.20.0	High
Version	Manifest	Implementation-Version	3.20.0	High
Version	pom	parent-version	3.20.0	Low
Version	pom	version	3.20.0	Highest

Identifiers

pkg:maven/org.apache.commons/commons-lang3@3.20.0 (Confidence:High)
cpe:2.3:a:apache:commons_lang:3.20.0:*:*:*:*:*:*:* (Confidence:Highest)

dbunit-3.0.0.jar

Description:

    dbUnit is a JUnit extension (also usable from Ant and Maven) targeted for database-driven projects that, among other things, puts your database into a known state between test runs. This is an excellent way to avoid the myriad of problems that can occur when one test case corrupts the database and causes subsequent tests to fail or exacerbate the damage.

License:

GNU Lesser General Public License, Version 2.1: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.txt

File Path: C:\Users\Jeremy\.m2\repository\org\dbunit\dbunit\3.0.0\dbunit-3.0.0.jar
MD5: 3a1386e0082bd660b9eb9930526c6c71
SHA1: a5d192af07b5c6bd97130f690123760485bba126
SHA256:910f6f480a8429e734abba41416897d05c596f10189b93a5cef6c4a2f413f0ef
Referenced In Project/Scope: scriptable-dataset:compile
pkg:maven/com.github.hazendaz/scriptable-dataset@3.1.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	dbunit	High
Vendor	jar	package name	ant	Highest
Vendor	jar	package name	database	Highest
Vendor	jar	package name	dbunit	Highest
Vendor	jar	package name	dbunit	Low
Vendor	pom	artifactid	dbunit	Highest
Vendor	pom	artifactid	dbunit	Low
Vendor	pom	developer email	dbunit@felipeal.net	Low
Vendor	pom	developer email	epugh@opensourceconnections.com	Low
Vendor	pom	developer email	f.spinazzi@masterhouse.it	Low
Vendor	pom	developer email	gommma@users.sourceforge.net	Low
Vendor	pom	developer email	jbhurst@users.sourceforge.net	Low
Vendor	pom	developer email	jeffjensen@users.sourceforge.net	Low
Vendor	pom	developer email	quantas@users.sourceforge.net	Low
Vendor	pom	developer email	rlogiacco@users.sourceforge.net	Low
Vendor	pom	developer email	slecallonnec@users.sourceforge.net	Low
Vendor	pom	developer id	bdrum	Medium
Vendor	pom	developer id	dep4b	Medium
Vendor	pom	developer id	felipeal	Medium
Vendor	pom	developer id	fspinazzi	Medium
Vendor	pom	developer id	gommma	Medium
Vendor	pom	developer id	jbhurst	Medium
Vendor	pom	developer id	jeffjensen	Medium
Vendor	pom	developer id	mlaflamm	Medium
Vendor	pom	developer id	quantas	Medium
Vendor	pom	developer id	rlogiacco	Medium
Vendor	pom	developer id	slecallonnec	Medium
Vendor	pom	developer id	zieggy	Medium
Vendor	pom	developer name	Andrew Landsverk	Medium
Vendor	pom	developer name	Benjamin Cox	Medium
Vendor	pom	developer name	David Eric Pugh	Medium
Vendor	pom	developer name	Federico Spinazzi	Medium
Vendor	pom	developer name	Felipe Leme	Medium
Vendor	pom	developer name	Jeff Jensen	Medium
Vendor	pom	developer name	John Hurst	Medium
Vendor	pom	developer name	Manuel Laflamme	Medium
Vendor	pom	developer name	Matthias Gommeringer	Medium
Vendor	pom	developer name	Roberto Lo Giacco	Medium
Vendor	pom	developer name	Sebastien Le Callonnec	Medium
Vendor	pom	developer name	Timothy J. Ruppert	Medium
Vendor	pom	developer org	GoldenGate Software	Medium
Vendor	pom	developer org	Master House S.r.l	Medium
Vendor	pom	developer org	OpenSource Connections	Medium
Vendor	pom	developer org	Oz Communication	Medium
Vendor	pom	developer org	SmartLab	Medium
Vendor	pom	groupid	org.dbunit	Highest
Vendor	pom	name	dbUnit Extension	High
Vendor	pom	url	http://dbunit.sourceforge.net	Highest
Product	file	name	dbunit	High
Product	jar	package name	ant	Highest
Product	jar	package name	database	Highest
Product	jar	package name	dbunit	Highest
Product	pom	artifactid	dbunit	Highest
Product	pom	developer email	dbunit@felipeal.net	Low
Product	pom	developer email	epugh@opensourceconnections.com	Low
Product	pom	developer email	f.spinazzi@masterhouse.it	Low
Product	pom	developer email	gommma@users.sourceforge.net	Low
Product	pom	developer email	jbhurst@users.sourceforge.net	Low
Product	pom	developer email	jeffjensen@users.sourceforge.net	Low
Product	pom	developer email	quantas@users.sourceforge.net	Low
Product	pom	developer email	rlogiacco@users.sourceforge.net	Low
Product	pom	developer email	slecallonnec@users.sourceforge.net	Low
Product	pom	developer id	bdrum	Low
Product	pom	developer id	dep4b	Low
Product	pom	developer id	felipeal	Low
Product	pom	developer id	fspinazzi	Low
Product	pom	developer id	gommma	Low
Product	pom	developer id	jbhurst	Low
Product	pom	developer id	jeffjensen	Low
Product	pom	developer id	mlaflamm	Low
Product	pom	developer id	quantas	Low
Product	pom	developer id	rlogiacco	Low
Product	pom	developer id	slecallonnec	Low
Product	pom	developer id	zieggy	Low
Product	pom	developer name	Andrew Landsverk	Low
Product	pom	developer name	Benjamin Cox	Low
Product	pom	developer name	David Eric Pugh	Low
Product	pom	developer name	Federico Spinazzi	Low
Product	pom	developer name	Felipe Leme	Low
Product	pom	developer name	Jeff Jensen	Low
Product	pom	developer name	John Hurst	Low
Product	pom	developer name	Manuel Laflamme	Low
Product	pom	developer name	Matthias Gommeringer	Low
Product	pom	developer name	Roberto Lo Giacco	Low
Product	pom	developer name	Sebastien Le Callonnec	Low
Product	pom	developer name	Timothy J. Ruppert	Low
Product	pom	developer org	GoldenGate Software	Low
Product	pom	developer org	Master House S.r.l	Low
Product	pom	developer org	OpenSource Connections	Low
Product	pom	developer org	Oz Communication	Low
Product	pom	developer org	SmartLab	Low
Product	pom	groupid	org.dbunit	Highest
Product	pom	name	dbUnit Extension	High
Product	pom	url	http://dbunit.sourceforge.net	Medium
Version	file	version	3.0.0	High
Version	pom	version	3.0.0	Highest

Identifiers

pkg:maven/org.dbunit/dbunit@3.0.0 (Confidence:High)
cpe:2.3:a:golden_project:golden:3.0.0:*:*:*:*:*:*:* (Confidence:Low)

error_prone_annotations-2.43.0.jar

Description:

Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time.

License:

Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: C:\Users\Jeremy\.m2\repository\com\google\errorprone\error_prone_annotations\2.43.0\error_prone_annotations-2.43.0.jar
MD5: 59fe4a79ce3218423f4f8918f04ef22f
SHA1: a4f9062316c31850b03085e45717f564fd563ceb
SHA256:48272e75c16e1f7bdc7bd19529ccacd5ee170404701d7f5a23441bb5847957f5
Referenced In Project/Scope: scriptable-dataset:provided
pkg:maven/com.github.hazendaz/scriptable-dataset@3.1.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	error_prone_annotations	High
Vendor	jar	package name	annotations	Highest
Vendor	jar	package name	errorprone	Highest
Vendor	jar	package name	google	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	https://errorprone.info/error_prone_annotations	Low
Vendor	Manifest	bundle-symbolicname	com.google.errorprone.annotations	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	pom	artifactid	error_prone_annotations	Highest
Vendor	pom	artifactid	error_prone_annotations	Low
Vendor	pom	groupid	com.google.errorprone	Highest
Vendor	pom	name	error-prone annotations	High
Vendor	pom	parent-artifactid	error_prone_parent	Low
Product	file	name	error_prone_annotations	High
Product	jar	package name	annotations	Highest
Product	jar	package name	errorprone	Highest
Product	jar	package name	google	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	https://errorprone.info/error_prone_annotations	Low
Product	Manifest	Bundle-Name	error-prone annotations	Medium
Product	Manifest	bundle-symbolicname	com.google.errorprone.annotations	Medium
Product	Manifest	multi-release	true	Low
Product	pom	artifactid	error_prone_annotations	Highest
Product	pom	groupid	com.google.errorprone	Highest
Product	pom	name	error-prone annotations	High
Product	pom	parent-artifactid	error_prone_parent	Medium
Version	file	version	2.43.0	High
Version	Manifest	Bundle-Version	2.43.0	High
Version	pom	version	2.43.0	Highest

Identifiers

pkg:maven/com.google.errorprone/error_prone_annotations@2.43.0 (Confidence:High)

j2objc-annotations-3.1.jar

Description:

    A set of annotations that provide additional information to the J2ObjC
    translator to modify the result of translation.

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: C:\Users\Jeremy\.m2\repository\com\google\j2objc\j2objc-annotations\3.1\j2objc-annotations-3.1.jar
MD5: abe8bd3abff622b9a8b15c3a737aa741
SHA1: a892ca9507839bbdb900d64310ac98256cab992f
SHA256:84d3a150518485f8140ea99b8a985656749629f6433c92b80c75b36aba3b099b
Referenced In Project/Scope: scriptable-dataset:provided
pkg:maven/com.github.hazendaz/scriptable-dataset@3.1.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	j2objc-annotations	High
Vendor	jar	package name	annotations	Highest
Vendor	jar	package name	google	Highest
Vendor	jar	package name	j2objc	Highest
Vendor	Manifest	build-jdk-spec	22	Low
Vendor	Manifest	multi-release	true	Low
Vendor	pom	artifactid	j2objc-annotations	Highest
Vendor	pom	artifactid	j2objc-annotations	Low
Vendor	pom	developer email	tball@google.com	Low
Vendor	pom	developer id	tomball	Medium
Vendor	pom	developer name	Tom Ball	Medium
Vendor	pom	developer org	Google	Medium
Vendor	pom	developer org URL	https://www.google.com	Medium
Vendor	pom	groupid	com.google.j2objc	Highest
Vendor	pom	name	J2ObjC Annotations	High
Vendor	pom	url	google/j2objc/	Highest
Product	file	name	j2objc-annotations	High
Product	jar	package name	annotations	Highest
Product	jar	package name	google	Highest
Product	jar	package name	j2objc	Highest
Product	Manifest	build-jdk-spec	22	Low
Product	Manifest	multi-release	true	Low
Product	pom	artifactid	j2objc-annotations	Highest
Product	pom	developer email	tball@google.com	Low
Product	pom	developer id	tomball	Low
Product	pom	developer name	Tom Ball	Low
Product	pom	developer org	Google	Low
Product	pom	developer org URL	https://www.google.com	Low
Product	pom	groupid	com.google.j2objc	Highest
Product	pom	name	J2ObjC Annotations	High
Product	pom	url	google/j2objc/	High
Version	file	version	3.1	High
Version	pom	version	3.1	Highest

Identifiers

pkg:maven/com.google.j2objc/j2objc-annotations@3.1 (Confidence:High)

jspecify-1.0.0.jar

Description:

An artifact of well-named and well-specified annotations to power static analysis checks

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: C:\Users\Jeremy\.m2\repository\org\jspecify\jspecify\1.0.0\jspecify-1.0.0.jar
MD5: 9133aba420d0ca3b001dbb6ae9992cf6
SHA1: 7425a601c1c7ec76645a78d22b8c6a627edee507
SHA256:1fad6e6be7557781e4d33729d49ae1cdc8fdda6fe477bb0cc68ce351eafdfbab
Referenced In Project/Scope: scriptable-dataset:compile
pkg:maven/org.junit.jupiter/junit-jupiter-api@6.0.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jspecify	High
Vendor	jar	package name	annotations	Highest
Vendor	jar	package name	jspecify	Highest
Vendor	Manifest	bundle-docurl	https://jspecify.dev/docs/start-here	Low
Vendor	Manifest	bundle-symbolicname	org.jspecify.jspecify	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	pom	artifactid	jspecify	Highest
Vendor	pom	artifactid	jspecify	Low
Vendor	pom	developer email	kevinb9n@gmail.com	Low
Vendor	pom	developer id	kevinb9n	Medium
Vendor	pom	developer name	Kevin Bourrillion	Medium
Vendor	pom	groupid	org.jspecify	Highest
Vendor	pom	name	JSpecify annotations	High
Vendor	pom	url	http://jspecify.org/	Highest
Product	file	name	jspecify	High
Product	jar	package name	annotations	Highest
Product	jar	package name	jspecify	Highest
Product	Manifest	bundle-docurl	https://jspecify.dev/docs/start-here	Low
Product	Manifest	Bundle-Name	JSpecify annotations	Medium
Product	Manifest	bundle-symbolicname	org.jspecify.jspecify	Medium
Product	Manifest	multi-release	true	Low
Product	pom	artifactid	jspecify	Highest
Product	pom	developer email	kevinb9n@gmail.com	Low
Product	pom	developer id	kevinb9n	Low
Product	pom	developer name	Kevin Bourrillion	Low
Product	pom	groupid	org.jspecify	Highest
Product	pom	name	JSpecify annotations	High
Product	pom	url	http://jspecify.org/	Medium
Version	file	version	1.0.0	High
Version	Manifest	Bundle-Version	1.0.0	High
Version	Manifest	Implementation-Version	1.0.0	High
Version	pom	version	1.0.0	Highest

Identifiers

pkg:maven/org.jspecify/jspecify@1.0.0 (Confidence:High)

jsr305-3.0.2.jar

Description:

JSR305 Annotations for Findbugs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: C:\Users\Jeremy\.m2\repository\com\google\code\findbugs\jsr305\3.0.2\jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope: scriptable-dataset:provided
pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.8

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jsr305	High
Vendor	Manifest	bundle-symbolicname	org.jsr-305	Medium
Vendor	pom	artifactid	jsr305	Highest
Vendor	pom	artifactid	jsr305	Low
Vendor	pom	groupid	com.google.code.findbugs	Highest
Vendor	pom	name	FindBugs-jsr305	High
Vendor	pom	url	http://findbugs.sourceforge.net/	Highest
Product	file	name	jsr305	High
Product	Manifest	Bundle-Name	FindBugs-jsr305	Medium
Product	Manifest	bundle-symbolicname	org.jsr-305	Medium
Product	pom	artifactid	jsr305	Highest
Product	pom	groupid	com.google.code.findbugs	Highest
Product	pom	name	FindBugs-jsr305	High
Product	pom	url	http://findbugs.sourceforge.net/	Medium
Version	file	version	3.0.2	High
Version	Manifest	Bundle-Version	3.0.2	High
Version	pom	version	3.0.2	Highest

Identifiers

pkg:maven/com.google.code.findbugs/jsr305@3.0.2 (Confidence:High)

junit-platform-engine-6.0.1.jar

Description:

Module "junit-platform-engine" of JUnit

License:

Eclipse Public License v2.0: https://www.eclipse.org/legal/epl-v20.html

File Path: C:\Users\Jeremy\.m2\repository\org\junit\platform\junit-platform-engine\6.0.1\junit-platform-engine-6.0.1.jar
MD5: 5b533f60bb8146253e3ee366a9261198
SHA1: 7b5b4c9a2298a7acd80e3267b49fda92e89cba4e
SHA256:f49577073a7ae184c718d9b43ae0d8edcb8abfc5ac738735ee3339d4652e92bf
Referenced In Project/Scope: scriptable-dataset:compile
pkg:maven/org.dbunit/dbunit@3.0.0

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	junit-platform-engine	High
Vendor	jar	package name	engine	Highest
Vendor	jar	package name	junit	Highest
Vendor	jar	package name	platform	Highest
Vendor	Manifest	build-date	2025-10-31	Low
Vendor	Manifest	build-revision	d774b9ccc8550701fd6362c43f92611911da3e2b	Low
Vendor	Manifest	build-time	18:38:30.541+0100	Low
Vendor	Manifest	bundle-symbolicname	junit-platform-engine	Medium
Vendor	Manifest	Implementation-Vendor	junit.org	High
Vendor	Manifest	specification-vendor	junit.org	Low
Vendor	pom	artifactid	junit-platform-engine	Highest
Vendor	pom	artifactid	junit-platform-engine	Low
Vendor	pom	developer email	business@johanneslink.net	Low
Vendor	pom	developer email	derancourt.juliette@gmail.com	Low
Vendor	pom	developer email	mail@marcphilipp.de	Low
Vendor	pom	developer email	matthias.merdes@heidelpay.com	Low
Vendor	pom	developer email	sam@sambrannen.com	Low
Vendor	pom	developer email	sormuras@gmail.com	Low
Vendor	pom	developer email	stefan.bechtold@me.com	Low
Vendor	pom	developer id	bechte	Medium
Vendor	pom	developer id	jlink	Medium
Vendor	pom	developer id	juliette-derancourt	Medium
Vendor	pom	developer id	marcphilipp	Medium
Vendor	pom	developer id	mmerdes	Medium
Vendor	pom	developer id	sbrannen	Medium
Vendor	pom	developer id	sormuras	Medium
Vendor	pom	developer name	Christian Stein	Medium
Vendor	pom	developer name	Johannes Link	Medium
Vendor	pom	developer name	Juliette de Rancourt	Medium
Vendor	pom	developer name	Marc Philipp	Medium
Vendor	pom	developer name	Matthias Merdes	Medium
Vendor	pom	developer name	Sam Brannen	Medium
Vendor	pom	developer name	Stefan Bechtold	Medium
Vendor	pom	groupid	org.junit.platform	Highest
Vendor	pom	name	JUnit Platform Engine API	High
Vendor	pom	url	https://junit.org/	Highest
Product	file	name	junit-platform-engine	High
Product	jar	package name	engine	Highest
Product	jar	package name	junit	Highest
Product	jar	package name	platform	Highest
Product	Manifest	build-date	2025-10-31	Low
Product	Manifest	build-revision	d774b9ccc8550701fd6362c43f92611911da3e2b	Low
Product	Manifest	build-time	18:38:30.541+0100	Low
Product	Manifest	Bundle-Name	JUnit Platform Engine API	Medium
Product	Manifest	bundle-symbolicname	junit-platform-engine	Medium
Product	Manifest	Implementation-Title	junit-platform-engine	High
Product	Manifest	specification-title	junit-platform-engine	Medium
Product	pom	artifactid	junit-platform-engine	Highest
Product	pom	developer email	business@johanneslink.net	Low
Product	pom	developer email	derancourt.juliette@gmail.com	Low
Product	pom	developer email	mail@marcphilipp.de	Low
Product	pom	developer email	matthias.merdes@heidelpay.com	Low
Product	pom	developer email	sam@sambrannen.com	Low
Product	pom	developer email	sormuras@gmail.com	Low
Product	pom	developer email	stefan.bechtold@me.com	Low
Product	pom	developer id	bechte	Low
Product	pom	developer id	jlink	Low
Product	pom	developer id	juliette-derancourt	Low
Product	pom	developer id	marcphilipp	Low
Product	pom	developer id	mmerdes	Low
Product	pom	developer id	sbrannen	Low
Product	pom	developer id	sormuras	Low
Product	pom	developer name	Christian Stein	Low
Product	pom	developer name	Johannes Link	Low
Product	pom	developer name	Juliette de Rancourt	Low
Product	pom	developer name	Marc Philipp	Low
Product	pom	developer name	Matthias Merdes	Low
Product	pom	developer name	Sam Brannen	Low
Product	pom	developer name	Stefan Bechtold	Low
Product	pom	groupid	org.junit.platform	Highest
Product	pom	name	JUnit Platform Engine API	High
Product	pom	url	https://junit.org/	Medium
Version	file	version	6.0.1	High
Version	Manifest	Bundle-Version	6.0.1	High
Version	Manifest	Implementation-Version	6.0.1	High
Version	pom	version	6.0.1	Highest

Related Dependencies

Identifiers

pkg:maven/org.junit.platform/junit-platform-engine@6.0.1 (Confidence:High)
cpe:2.3:a:fan_platform_project:fan_platform:6.0.1:*:*:*:*:*:*:* (Confidence:Low)

lombok-1.18.42.jar: mavenEcjBootstrapAgent.jar

File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.42\lombok-1.18.42.jar\lombok\launch\mavenEcjBootstrapAgent.jar
MD5: 885d5d6be90a5dcd4b82cdf741e3f31a
SHA1: e1f7f1779f40157fd0b984c1bc32a0cb45cae66e
SHA256:74a80a6ee84e5c6fe497dfcc46a46dbe30578525e747eb531e918ee0750c8da9
Referenced In Project/Scope: scriptable-dataset:provided

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	mavenEcjBootstrapAgent	High
Vendor	jar	package name	launch	Low
Vendor	jar	package name	lombok	Low
Vendor	Manifest	can-redefine-classes	true	Low
Product	file	name	mavenEcjBootstrapAgent	High
Product	jar	package name	launch	Low
Product	Manifest	can-redefine-classes	true	Low

Identifiers

None

lombok-1.18.42.jar

Description:

Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!

License:

The MIT License: https://projectlombok.org/LICENSE

File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.42\lombok-1.18.42.jar
MD5: f29149836e0187fb9fd95d82dc718d36
SHA1: 8365263844ebb62398e0dc33057ba10ba472d3b8
SHA256:3488a4e9994c26596baaceebee58cad36a50e3bdaec5be72b5834d3c3b560306
Referenced In Project/Scope: scriptable-dataset:provided
pkg:maven/com.github.hazendaz/scriptable-dataset@3.1.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	lombok	High
Vendor	jar	package name	java	Highest
Vendor	jar	package name	lombok	Highest
Vendor	jar	package name	tostring	Highest
Vendor	Manifest	automatic-module-name	lombok	Medium
Vendor	Manifest	can-redefine-classes	true	Low
Vendor	pom	artifactid	lombok	Highest
Vendor	pom	artifactid	lombok	Low
Vendor	pom	developer email	reinier@projectlombok.org	Low
Vendor	pom	developer email	roel@projectlombok.org	Low
Vendor	pom	developer id	rspilker	Medium
Vendor	pom	developer id	rzwitserloot	Medium
Vendor	pom	developer name	Reinier Zwitserloot	Medium
Vendor	pom	developer name	Roel Spilker	Medium
Vendor	pom	groupid	org.projectlombok	Highest
Vendor	pom	name	Project Lombok	High
Vendor	pom	url	https://projectlombok.org	Highest
Product	file	name	lombok	High
Product	jar	package name	java	Highest
Product	jar	package name	lombok	Highest
Product	jar	package name	tostring	Highest
Product	Manifest	automatic-module-name	lombok	Medium
Product	Manifest	can-redefine-classes	true	Low
Product	pom	artifactid	lombok	Highest
Product	pom	developer email	reinier@projectlombok.org	Low
Product	pom	developer email	roel@projectlombok.org	Low
Product	pom	developer id	rspilker	Low
Product	pom	developer id	rzwitserloot	Low
Product	pom	developer name	Reinier Zwitserloot	Low
Product	pom	developer name	Roel Spilker	Low
Product	pom	groupid	org.projectlombok	Highest
Product	pom	name	Project Lombok	High
Product	pom	url	https://projectlombok.org	Medium
Version	file	version	1.18.42	High
Version	Manifest	lombok-version	1.18.42	Medium
Version	pom	version	1.18.42	Highest

Identifiers

pkg:maven/org.projectlombok/lombok@1.18.42 (Confidence:High)

modernizer-maven-annotations-3.2.0.jar

File Path: C:\Users\Jeremy\.m2\repository\org\gaul\modernizer-maven-annotations\3.2.0\modernizer-maven-annotations-3.2.0.jar
MD5: 127396b14eb51fd93eb587308f079768
SHA1: 23a99089ff682152e86ab1691a8232db325def09
SHA256:9f9396f361f0d45d435355c1f2b57980307abd81f3131083ec18f54fbbaa5ecb
Referenced In Project/Scope: scriptable-dataset:provided
modernizer-maven-annotations-3.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/scriptable-dataset@3.1.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	modernizer-maven-annotations	High
Vendor	jar	package name	gaul	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	multi-release	true	Low
Vendor	pom	artifactid	modernizer-maven-annotations	Highest
Vendor	pom	artifactid	modernizer-maven-annotations	Low
Vendor	pom	groupid	org.gaul	Highest
Vendor	pom	name	Modernizer Maven Plugin annotations	High
Vendor	pom	parent-artifactid	modernizer-maven-parent	Low
Product	file	name	modernizer-maven-annotations	High
Product	jar	package name	gaul	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	multi-release	true	Low
Product	pom	artifactid	modernizer-maven-annotations	Highest
Product	pom	groupid	org.gaul	Highest
Product	pom	name	Modernizer Maven Plugin annotations	High
Product	pom	parent-artifactid	modernizer-maven-parent	Medium
Version	file	version	3.2.0	High
Version	pom	version	3.2.0	Highest

Identifiers

pkg:maven/org.gaul/modernizer-maven-annotations@3.2.0 (Confidence:High)

ojdbc11-23.26.0.0.0.jar

Description:

 Oracle JDBC Driver compatible with JDK11, JDK17, JDK19, and JDK21

License:

Oracle Free Use Terms and Conditions (FUTC): https://www.oracle.com/downloads/licenses/oracle-free-license.html

File Path: C:\Users\Jeremy\.m2\repository\com\oracle\database\jdbc\ojdbc11\23.26.0.0.0\ojdbc11-23.26.0.0.0.jar
MD5: dd15886101e9e7f5eaf293881c72a072
SHA1: aea576f3827874d02b3dbd3ea6518955d0d1f1c7
SHA256:ef295bf01374dac7d791b3bc6526d10e8910ecac4645a95a3ca0c01cfc5c21d0
Referenced In Project/Scope: scriptable-dataset:provided
pkg:maven/com.github.hazendaz/scriptable-dataset@3.1.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	ojdbc11	High
Vendor	jar	package name	driver	Highest
Vendor	jar	package name	jdbc	Highest
Vendor	jar	package name	oracle	Highest
Vendor	jar (hint)	package name	sun	Highest
Vendor	Manifest	automatic-module-name	com.oracle.database.jdbc	Medium
Vendor	Manifest	Implementation-Vendor	Oracle Corporation	High
Vendor	Manifest	repository-id	JAVAVM_23.26.0.0.0DBRU_LINUX.X64_250925.1	Low
Vendor	Manifest	specification-vendor	Sun Microsystems Inc.	Low
Vendor	pom	artifactid	ojdbc11	Highest
Vendor	pom	artifactid	ojdbc11	Low
Vendor	pom	developer org	Oracle America, Inc.	Medium
Vendor	pom	developer org URL	http://www.oracle.com	Medium
Vendor	pom	groupid	com.oracle.database.jdbc	Highest
Vendor	pom	name	ojdbc11	High
Vendor	pom	url	https://www.oracle.com/database/technologies/maven-central-guide.html	Highest
Product	file	name	ojdbc11	High
Product	jar	package name	driver	Highest
Product	jar	package name	jdbc	Highest
Product	jar	package name	oracle	Highest
Product	Manifest	automatic-module-name	com.oracle.database.jdbc	Medium
Product	Manifest	Implementation-Title	JDBC	High
Product	Manifest	repository-id	JAVAVM_23.26.0.0.0DBRU_LINUX.X64_250925.1	Low
Product	Manifest	specification-title	JDBC	Medium
Product	pom	artifactid	ojdbc11	Highest
Product	pom	developer org	Oracle America, Inc.	Low
Product	pom	developer org URL	http://www.oracle.com	Low
Product	pom	groupid	com.oracle.database.jdbc	Highest
Product	pom	name	ojdbc11	High
Product	pom	url	https://www.oracle.com/database/technologies/maven-central-guide.html	Medium
Version	file	version	23.26.0.0.0	High
Version	Manifest	Implementation-Version	23.26.0.0.0	High
Version	pom	version	23.26.0.0.0	Highest

Identifiers

pkg:maven/com.oracle.database.jdbc/ojdbc11@23.26.0.0.0 (Confidence:High)
cpe:2.3:a:oracle:jdbc:23.26.0.0.0:*:*:*:*:*:*:* (Confidence:Highest)

opentest4j-1.3.0.jar

Description:

Open Test Alliance for the JVM

License:

The Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: C:\Users\Jeremy\.m2\repository\org\opentest4j\opentest4j\1.3.0\opentest4j-1.3.0.jar
MD5: 03c404f727531f3fd3b4c73997899327
SHA1: 152ea56b3a72f655d4fd677fc0ef2596c3dd5e6e
SHA256:48e2df636cab6563ced64dcdff8abb2355627cb236ef0bf37598682ddf742f1b
Referenced In Project/Scope: scriptable-dataset:compile
pkg:maven/org.junit.jupiter/junit-jupiter-api@6.0.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	opentest4j	High
Vendor	jar	package name	opentest4j	Highest
Vendor	Manifest	build-date	2023-07-06	Low
Vendor	Manifest	build-revision	214973bfa4e7e9be7d04e623202cc4147c7036d2	Low
Vendor	Manifest	build-time	14:25:06.116+0200	Low
Vendor	Manifest	bundle-symbolicname	org.opentest4j	Medium
Vendor	Manifest	Implementation-Vendor	opentest4j.org	High
Vendor	Manifest	specification-vendor	opentest4j.org	Low
Vendor	pom	artifactid	opentest4j	Highest
Vendor	pom	artifactid	opentest4j	Low
Vendor	pom	developer email	business@johanneslink.net	Low
Vendor	pom	developer email	mail@marcphilipp.de	Low
Vendor	pom	developer email	matthias.merdes@heidelpay.com	Low
Vendor	pom	developer email	sam@sambrannen.com	Low
Vendor	pom	developer email	stefan.bechtold@me.com	Low
Vendor	pom	developer id	bechte	Medium
Vendor	pom	developer id	jlink	Medium
Vendor	pom	developer id	marcphilipp	Medium
Vendor	pom	developer id	mmerdes	Medium
Vendor	pom	developer id	sbrannen	Medium
Vendor	pom	developer name	Johannes Link	Medium
Vendor	pom	developer name	Marc Philipp	Medium
Vendor	pom	developer name	Matthias Merdes	Medium
Vendor	pom	developer name	Sam Brannen	Medium
Vendor	pom	developer name	Stefan Bechtold	Medium
Vendor	pom	groupid	org.opentest4j	Highest
Vendor	pom	name	org.opentest4j:opentest4j	High
Vendor	pom	url	ota4j-team/opentest4j	Highest
Product	file	name	opentest4j	High
Product	jar	package name	opentest4j	Highest
Product	Manifest	build-date	2023-07-06	Low
Product	Manifest	build-revision	214973bfa4e7e9be7d04e623202cc4147c7036d2	Low
Product	Manifest	build-time	14:25:06.116+0200	Low
Product	Manifest	Bundle-Name	opentest4j	Medium
Product	Manifest	bundle-symbolicname	org.opentest4j	Medium
Product	Manifest	Implementation-Title	opentest4j	High
Product	Manifest	specification-title	opentest4j	Medium
Product	pom	artifactid	opentest4j	Highest
Product	pom	developer email	business@johanneslink.net	Low
Product	pom	developer email	mail@marcphilipp.de	Low
Product	pom	developer email	matthias.merdes@heidelpay.com	Low
Product	pom	developer email	sam@sambrannen.com	Low
Product	pom	developer email	stefan.bechtold@me.com	Low
Product	pom	developer id	bechte	Low
Product	pom	developer id	jlink	Low
Product	pom	developer id	marcphilipp	Low
Product	pom	developer id	mmerdes	Low
Product	pom	developer id	sbrannen	Low
Product	pom	developer name	Johannes Link	Low
Product	pom	developer name	Marc Philipp	Low
Product	pom	developer name	Matthias Merdes	Low
Product	pom	developer name	Sam Brannen	Low
Product	pom	developer name	Stefan Bechtold	Low
Product	pom	groupid	org.opentest4j	Highest
Product	pom	name	org.opentest4j:opentest4j	High
Product	pom	url	ota4j-team/opentest4j	High
Version	file	version	1.3.0	High
Version	Manifest	Bundle-Version	1.3.0	High
Version	Manifest	Implementation-Version	1.3.0	High
Version	pom	version	1.3.0	Highest

Identifiers

pkg:maven/org.opentest4j/opentest4j@1.3.0 (Confidence:High)

postgresql-42.7.8.jar

Description:

PostgreSQL JDBC Driver Postgresql

License:

BSD-2-Clause: https://jdbc.postgresql.org/about/license.html

File Path: C:\Users\Jeremy\.m2\repository\org\postgresql\postgresql\42.7.8\postgresql-42.7.8.jar
MD5: d5626352279a40e69e863fcff564e2f1
SHA1: 81b840fbfe0a6c0b7aa14c6bd4856108d36ed780
SHA256:2a32a9dcbc42d67a50ad3a0de5efd102c8d2be46720045f2cbd6689f160ab7c7
Referenced In Project/Scope: scriptable-dataset:provided
pkg:maven/com.github.hazendaz/scriptable-dataset@3.1.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	postgresql	High
Vendor	jar	package name	driver	Highest
Vendor	jar	package name	jdbc	Highest
Vendor	jar	package name	postgresql	Highest
Vendor	Manifest	automatic-module-name	org.postgresql.jdbc	Medium
Vendor	Manifest	bundle-copyright	Copyright (c) 2003-2024, PostgreSQL Global Development Group	Low
Vendor	Manifest	bundle-docurl	https://jdbc.postgresql.org/	Low
Vendor	Manifest	bundle-symbolicname	org.postgresql.jdbc	Medium
Vendor	Manifest	Implementation-Vendor	PostgreSQL Global Development Group	High
Vendor	Manifest	Implementation-Vendor-Id	org.postgresql	Medium
Vendor	Manifest	provide-capability	osgi.service;effective:=active;objectClass="org.osgi.service.jdbc.DataSourceFactory";osgi.jdbc.driver.class="org.postgresql.Driver";osgi.jdbc.driver.name="PostgreSQL JDBC Driver"	Low
Vendor	Manifest	specification-vendor	Oracle Corporation	Low
Vendor	pom	artifactid	postgresql	Highest
Vendor	pom	artifactid	postgresql	Low
Vendor	pom	developer id	bokken	Medium
Vendor	pom	developer id	davecramer	Medium
Vendor	pom	developer id	jurka	Medium
Vendor	pom	developer id	oliver	Medium
Vendor	pom	developer id	ringerc	Medium
Vendor	pom	developer id	vlsi	Medium
Vendor	pom	developer name	Brett Okken	Medium
Vendor	pom	developer name	Craig Ringer	Medium
Vendor	pom	developer name	Dave Cramer	Medium
Vendor	pom	developer name	Kris Jurka	Medium
Vendor	pom	developer name	Oliver Jowett	Medium
Vendor	pom	developer name	Vladimir Sitnikov	Medium
Vendor	pom	groupid	org.postgresql	Highest
Vendor	pom	name	PostgreSQL JDBC Driver	High
Vendor	pom	organization name	PostgreSQL Global Development Group	High
Vendor	pom	organization url	https://jdbc.postgresql.org/	Medium
Vendor	pom	url	https://jdbc.postgresql.org	Highest
Product	file	name	postgresql	High
Product	hint analyzer	product	pgjdbc	Highest
Product	hint analyzer	product	postgresql_jdbc_driver	Highest
Product	jar	package name	driver	Highest
Product	jar	package name	jdbc	Highest
Product	jar	package name	osgi	Highest
Product	jar	package name	postgresql	Highest
Product	Manifest	automatic-module-name	org.postgresql.jdbc	Medium
Product	Manifest	bundle-copyright	Copyright (c) 2003-2024, PostgreSQL Global Development Group	Low
Product	Manifest	bundle-docurl	https://jdbc.postgresql.org/	Low
Product	Manifest	Bundle-Name	PostgreSQL JDBC Driver	Medium
Product	Manifest	bundle-symbolicname	org.postgresql.jdbc	Medium
Product	Manifest	Implementation-Title	PostgreSQL JDBC Driver	High
Product	Manifest	provide-capability	osgi.service;effective:=active;objectClass="org.osgi.service.jdbc.DataSourceFactory";osgi.jdbc.driver.class="org.postgresql.Driver";osgi.jdbc.driver.name="PostgreSQL JDBC Driver"	Low
Product	Manifest	specification-title	JDBC	Medium
Product	pom	artifactid	postgresql	Highest
Product	pom	developer id	bokken	Low
Product	pom	developer id	davecramer	Low
Product	pom	developer id	jurka	Low
Product	pom	developer id	oliver	Low
Product	pom	developer id	ringerc	Low
Product	pom	developer id	vlsi	Low
Product	pom	developer name	Brett Okken	Low
Product	pom	developer name	Craig Ringer	Low
Product	pom	developer name	Dave Cramer	Low
Product	pom	developer name	Kris Jurka	Low
Product	pom	developer name	Oliver Jowett	Low
Product	pom	developer name	Vladimir Sitnikov	Low
Product	pom	groupid	org.postgresql	Highest
Product	pom	name	PostgreSQL JDBC Driver	High
Product	pom	organization name	PostgreSQL Global Development Group	Low
Product	pom	organization url	https://jdbc.postgresql.org/	Low
Product	pom	url	https://jdbc.postgresql.org	Medium
Version	file	version	42.7.8	High
Version	Manifest	Bundle-Version	42.7.8	High
Version	Manifest	Implementation-Version	42.7.8	High
Version	pom	version	42.7.8	Highest

Identifiers

pkg:maven/org.postgresql/postgresql@42.7.8 (Confidence:High)
cpe:2.3:a:postgresql:postgresql_jdbc_driver:42.7.8:*:*:*:*:*:*:* (Confidence:Low)

slf4j-api-2.0.17.jar

Description:

The slf4j API

License:

https://opensource.org/license/mit

File Path: C:\Users\Jeremy\.m2\repository\org\slf4j\slf4j-api\2.0.17\slf4j-api-2.0.17.jar
MD5: b6480d114a23683498ac3f746f959d2f
SHA1: d9e58ac9c7779ba3bf8142aff6c830617a7fe60f
SHA256:7b751d952061954d5abfed7181c1f645d336091b679891591d63329c622eb832
Referenced In Project/Scope: scriptable-dataset:compile
pkg:maven/com.github.hazendaz/scriptable-dataset@3.1.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	slf4j-api	High
Vendor	jar	package name	slf4j	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	http://www.slf4j.org	Low
Vendor	Manifest	bundle-symbolicname	slf4j.api	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	pom	artifactid	slf4j-api	Highest
Vendor	pom	artifactid	slf4j-api	Low
Vendor	pom	groupid	org.slf4j	Highest
Vendor	pom	name	SLF4J API Module	High
Vendor	pom	parent-artifactid	slf4j-parent	Low
Vendor	pom	url	http://www.slf4j.org	Highest
Product	file	name	slf4j-api	High
Product	jar	package name	slf4j	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	http://www.slf4j.org	Low
Product	Manifest	Bundle-Name	SLF4J API Module	Medium
Product	Manifest	bundle-symbolicname	slf4j.api	Medium
Product	Manifest	Implementation-Title	slf4j-api	High
Product	Manifest	multi-release	true	Low
Product	pom	artifactid	slf4j-api	Highest
Product	pom	groupid	org.slf4j	Highest
Product	pom	name	SLF4J API Module	High
Product	pom	parent-artifactid	slf4j-parent	Medium
Product	pom	url	http://www.slf4j.org	Medium
Version	file	version	2.0.17	High
Version	Manifest	Bundle-Version	2.0.17	High
Version	Manifest	Implementation-Version	2.0.17	High
Version	pom	version	2.0.17	Highest

Identifiers

pkg:maven/org.slf4j/slf4j-api@2.0.17 (Confidence:High)

snakeyaml-2.5.jar

Description:

YAML 1.1 parser and emitter for Java

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: C:\Users\Jeremy\.m2\repository\org\yaml\snakeyaml\2.5\snakeyaml-2.5.jar
MD5: 8d3b7581db5c7620db55183f33a4f2ad
SHA1: 2d53ddec134280cb384c1e35d094e5f71c1f2316
SHA256:e6682acf1ace77508ef13649cbf4f8d09d2cf5457bdb61d25ffb6ac0233d78dd
Referenced In Project/Scope: scriptable-dataset:compile
pkg:maven/com.github.hazendaz/scriptable-dataset@3.1.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	snakeyaml	High
Vendor	jar	package name	emitter	Highest
Vendor	jar	package name	org	Highest
Vendor	jar	package name	parser	Highest
Vendor	jar	package name	snakeyaml	Highest
Vendor	jar	package name	yaml	Highest
Vendor	Manifest	build-jdk-spec	11	Low
Vendor	Manifest	bundle-symbolicname	org.yaml.snakeyaml	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	pom	artifactid	snakeyaml	Highest
Vendor	pom	artifactid	snakeyaml	Low
Vendor	pom	developer email	alexander.maslov@gmail.com	Low
Vendor	pom	developer email	public.somov@gmail.com	Low
Vendor	pom	developer id	asomov	Medium
Vendor	pom	developer id	maslovalex	Medium
Vendor	pom	developer name	Alexander Maslov	Medium
Vendor	pom	developer name	Andrey Somov	Medium
Vendor	pom	groupid	org.yaml	Highest
Vendor	pom	name	SnakeYAML	High
Vendor	pom	url	https://bitbucket.org/snakeyaml/snakeyaml	Highest
Product	file	name	snakeyaml	High
Product	jar	package name	emitter	Highest
Product	jar	package name	org	Highest
Product	jar	package name	parser	Highest
Product	jar	package name	snakeyaml	Highest
Product	jar	package name	yaml	Highest
Product	Manifest	build-jdk-spec	11	Low
Product	Manifest	Bundle-Name	SnakeYAML	Medium
Product	Manifest	bundle-symbolicname	org.yaml.snakeyaml	Medium
Product	Manifest	multi-release	true	Low
Product	pom	artifactid	snakeyaml	Highest
Product	pom	developer email	alexander.maslov@gmail.com	Low
Product	pom	developer email	public.somov@gmail.com	Low
Product	pom	developer id	asomov	Low
Product	pom	developer id	maslovalex	Low
Product	pom	developer name	Alexander Maslov	Low
Product	pom	developer name	Andrey Somov	Low
Product	pom	groupid	org.yaml	Highest
Product	pom	name	SnakeYAML	High
Product	pom	url	https://bitbucket.org/snakeyaml/snakeyaml	Medium
Version	file	version	2.5	High
Version	pom	version	2.5	Highest

Identifiers

pkg:maven/org.yaml/snakeyaml@2.5 (Confidence:High)
cpe:2.3:a:snakeyaml_project:snakeyaml:2.5:*:*:*:*:*:*:* (Confidence:Highest)

spotbugs-annotations-4.9.8.jar

Description:

Annotations the SpotBugs tool supports

License:

GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html

File Path: C:\Users\Jeremy\.m2\repository\com\github\spotbugs\spotbugs-annotations\4.9.8\spotbugs-annotations-4.9.8.jar
MD5: d4c2e7bd090be697ad409a4e75684a94
SHA1: ca4a2783a6123e67124fd7feb4caccd2e2ac9a73
SHA256:6f69d6fe9c55a54dcb30e87d8fa2d5f52246af50d7a3445246d9539ef221be1c
Referenced In Project/Scope: scriptable-dataset:provided
pkg:maven/com.github.hazendaz/scriptable-dataset@3.1.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	spotbugs-annotations	High
Vendor	Manifest	automatic-module-name	com.github.spotbugs.annotations	Medium
Vendor	Manifest	bundle-requiredexecutionenvironment	JavaSE-1.8	Low
Vendor	Manifest	bundle-symbolicname	spotbugs-annotations	Medium
Vendor	pom	artifactid	spotbugs-annotations	Highest
Vendor	pom	artifactid	spotbugs-annotations	Low
Vendor	pom	developer email	andreas.sewe@codetrails.com	Low
Vendor	pom	developer email	dbrosius@mebigfatguy.com	Low
Vendor	pom	developer email	loskutov@gmx.de	Low
Vendor	pom	developer email	skypencil@gmail.com	Low
Vendor	pom	developer id	henrik242	Medium
Vendor	pom	developer id	iloveeclipse	Medium
Vendor	pom	developer id	jsotuyod	Medium
Vendor	pom	developer id	KengoTODA	Medium
Vendor	pom	developer id	mebigfatguy	Medium
Vendor	pom	developer id	sewe	Medium
Vendor	pom	developer id	ThrawnCA	Medium
Vendor	pom	developer name	Andreas Sewe	Medium
Vendor	pom	developer name	Andrey Loskutov	Medium
Vendor	pom	developer name	Dave Brosius	Medium
Vendor	pom	developer name	Juan Martín Sotuyo Dodero	Medium
Vendor	pom	developer name	Kengo TODA	Medium
Vendor	pom	groupid	com.github.spotbugs	Highest
Vendor	pom	name	SpotBugs Annotations	High
Vendor	pom	url	https://spotbugs.github.io/	Highest
Product	file	name	spotbugs-annotations	High
Product	Manifest	automatic-module-name	com.github.spotbugs.annotations	Medium
Product	Manifest	Bundle-Name	spotbugs-annotations	Medium
Product	Manifest	bundle-requiredexecutionenvironment	JavaSE-1.8	Low
Product	Manifest	bundle-symbolicname	spotbugs-annotations	Medium
Product	pom	artifactid	spotbugs-annotations	Highest
Product	pom	developer email	andreas.sewe@codetrails.com	Low
Product	pom	developer email	dbrosius@mebigfatguy.com	Low
Product	pom	developer email	loskutov@gmx.de	Low
Product	pom	developer email	skypencil@gmail.com	Low
Product	pom	developer id	henrik242	Low
Product	pom	developer id	iloveeclipse	Low
Product	pom	developer id	jsotuyod	Low
Product	pom	developer id	KengoTODA	Low
Product	pom	developer id	mebigfatguy	Low
Product	pom	developer id	sewe	Low
Product	pom	developer id	ThrawnCA	Low
Product	pom	developer name	Andreas Sewe	Low
Product	pom	developer name	Andrey Loskutov	Low
Product	pom	developer name	Dave Brosius	Low
Product	pom	developer name	Juan Martín Sotuyo Dodero	Low
Product	pom	developer name	Kengo TODA	Low
Product	pom	groupid	com.github.spotbugs	Highest
Product	pom	name	SpotBugs Annotations	High
Product	pom	url	https://spotbugs.github.io/	Medium
Version	file	version	4.9.8	High
Version	Manifest	Bundle-Version	4.9.8	High
Version	pom	version	4.9.8	Highest

Identifiers

pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.8 (Confidence:High)

How to read the report | Suppressing false positives | Getting Help: github issues

Project: scriptable-dataset

com.github.hazendaz:scriptable-dataset:3.1.1

Summary

Dependencies (vulnerable)

apiguardian-api-1.1.2.jar

Evidence

Identifiers

checker-qual-3.51.1.jar

Evidence

Identifiers

commons-lang3-3.20.0.jar

Evidence

Identifiers

dbunit-3.0.0.jar

Evidence

Identifiers

error_prone_annotations-2.43.0.jar

Evidence

Identifiers

j2objc-annotations-3.1.jar

Evidence

Identifiers

jspecify-1.0.0.jar

Evidence

Identifiers

jsr305-3.0.2.jar

Evidence

Identifiers

junit-platform-engine-6.0.1.jar

Evidence

Related Dependencies

Identifiers

lombok-1.18.42.jar: mavenEcjBootstrapAgent.jar

Evidence

Identifiers

lombok-1.18.42.jar

Evidence

Identifiers

modernizer-maven-annotations-3.2.0.jar

Evidence

Identifiers

ojdbc11-23.26.0.0.0.jar

Evidence

Identifiers

opentest4j-1.3.0.jar

Evidence

Identifiers

postgresql-42.7.8.jar

Evidence

Identifiers

slf4j-api-2.0.17.jar

Evidence

Identifiers

snakeyaml-2.5.jar

Evidence

Identifiers

spotbugs-annotations-4.9.8.jar

Evidence

Identifiers