Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 12.2.0Report Generated On : Tue, 31 Mar 2026 04:47:21 GMTDependencies Scanned : 58 (50 unique)Vulnerable Dependencies : 3 Vulnerabilities Found : 3Vulnerabilities Suppressed : 0
...
NVD API Last Checked : 2026-03-31T04:47:12ZNVD API Last Modified : 2026-03-31T04:16:45Z
Summary
Summary of Vulnerable Dependencies (click to show all)
Description:
A small library for explicit, intentful configuration.
License:
The MIT License: http://opensource.org/licenses/MIT
File Path: /home/runner/.m2/repository/aero/aero/1.1.6/aero-1.1.6.jar
MD5: b23b46d2bc5fa3b636a2cb40410c1426
SHA1: dc5114c3a8905f61431c4f9dd068a9c919e731ce
SHA256: f4b0a9272da50c8091c5529c9fe355c47234f1eeb95fe92296e2c23f787f3d22
Evidence
Type Source Name Value Confidence Vendor file name aero High Vendor Manifest leiningen-project-artifactid aero Low Vendor Manifest leiningen-project-groupid aero Low Vendor pom artifactid aero Low Vendor pom groupid aero Highest Vendor pom name aero High Vendor pom url http://github.com/juxt/aero Highest Product file name aero High Product Manifest leiningen-project-artifactid aero Low Product Manifest leiningen-project-groupid aero Low Product pom artifactid aero Highest Product pom groupid aero Highest Product pom name aero High Product pom url http://github.com/juxt/aero Medium Version file version 1.1.6 High Version Manifest leiningen-project-version 1.1.6 Medium Version pom version 1.1.6 Highest
pkg:maven/aero/aero@1.1.6
(Confidence :High)
Description:
ASM, a very small and fast Java bytecode manipulation framework
License:
BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /home/runner/.m2/repository/org/ow2/asm/asm/9.2/asm-9.2.jar
MD5: 8f184dce9b1bedc675d4a3640d43ddf0
SHA1: 81a03f76019c67362299c40e0ba13405f5467bff
SHA256: b9d4fe4d71938df38839f0eca42aaaa64cf8b313d678da036f0cb3ca199b47f5
Evidence
Type Source Name Value Confidence Vendor file name asm High Vendor jar package name asm Highest Vendor jar package name objectweb Highest Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname org.objectweb.asm Medium Vendor pom artifactid asm Low Vendor pom developer email ebruneton@free.fr Low Vendor pom developer email eu@javatx.org Low Vendor pom developer email forax@univ-mlv.fr Low Vendor pom developer id ebruneton Medium Vendor pom developer id eu Medium Vendor pom developer id forax Medium Vendor pom developer name Eric Bruneton Medium Vendor pom developer name Eugene Kuleshov Medium Vendor pom developer name Remi Forax Medium Vendor pom groupid org.ow2.asm Highest Vendor pom name asm High Vendor pom organization name OW2 High Vendor pom organization url http://www.ow2.org/ Medium Vendor pom parent-artifactid ow2 Low Vendor pom parent-groupid org.ow2 Medium Vendor pom url http://asm.ow2.io/ Highest Product file name asm High Product jar package name asm Highest Product jar package name objectweb Highest Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest Bundle-Name org.objectweb.asm Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname org.objectweb.asm Medium Product Manifest Implementation-Title ASM, a very small and fast Java bytecode manipulation framework High Product pom artifactid asm Highest Product pom developer email ebruneton@free.fr Low Product pom developer email eu@javatx.org Low Product pom developer email forax@univ-mlv.fr Low Product pom developer id ebruneton Low Product pom developer id eu Low Product pom developer id forax Low Product pom developer name Eric Bruneton Low Product pom developer name Eugene Kuleshov Low Product pom developer name Remi Forax Low Product pom groupid org.ow2.asm Highest Product pom name asm High Product pom organization name OW2 Low Product pom organization url http://www.ow2.org/ Low Product pom parent-artifactid ow2 Medium Product pom parent-groupid org.ow2 Medium Product pom url http://asm.ow2.io/ Medium Version file version 9.2 High Version Manifest Implementation-Version 9.2 High Version pom parent-version 9.2 Low Version pom version 9.2 Highest
pkg:maven/org.ow2.asm/asm@9.2
(Confidence :High)
Description:
A library for word case conversions.
License:
Eclipse Public License 1.0: http://www.eclipse.org/legal/epl-v10.html
File Path: /home/runner/.m2/repository/camel-snake-kebab/camel-snake-kebab/0.4.3/camel-snake-kebab-0.4.3.jar
MD5: 4591ec721d8bbe8347ff82ef91c57514
SHA1: 5ae08f83ceb8959971e6334596bff0214bf6fdf2
SHA256: 8191f335776310d7857a40ad33254be66adb363806b18136d8843196923ac2c8
Evidence
Type Source Name Value Confidence Vendor file name camel-snake-kebab High Vendor pom artifactid camel-snake-kebab Low Vendor pom groupid camel-snake-kebab Highest Vendor pom name camel-snake-kebab High Vendor pom url https://clj-commons.org/camel-snake-kebab/ Highest Product file name camel-snake-kebab High Product pom artifactid camel-snake-kebab Highest Product pom groupid camel-snake-kebab Highest Product pom name camel-snake-kebab High Product pom url https://clj-commons.org/camel-snake-kebab/ Medium Version file version 0.4.3 High Version pom version 0.4.3 Highest
pkg:maven/camel-snake-kebab/camel-snake-kebab@0.4.3
(Confidence :High)
Description:
JSON and JSON SMILE encoding, fast.
License:
The MIT License: http://opensource.org/licenses/MIT
File Path: /home/runner/.m2/repository/cheshire/cheshire/6.1.0/cheshire-6.1.0.jar
MD5: 073def678759286c8000e40e783d3d54
SHA1: d4b11693fcc54dd174e9a946531edd1313d9f767
SHA256: aee0ab6e448195aa095f22c428e20d2bc610591c54c10ec3e183dd3b081639c2
Evidence
Type Source Name Value Confidence Vendor file name cheshire High Vendor jar package name cheshire Highest Vendor Manifest leiningen-project-artifactid cheshire Low Vendor Manifest leiningen-project-groupid cheshire Low Vendor pom artifactid cheshire Low Vendor pom groupid cheshire Highest Vendor pom name cheshire High Vendor pom url dakrone/cheshire Highest Product file name cheshire High Product jar package name cheshire Highest Product Manifest leiningen-project-artifactid cheshire Low Product Manifest leiningen-project-groupid cheshire Low Product pom artifactid cheshire Highest Product pom groupid cheshire Highest Product pom name cheshire High Product pom url dakrone/cheshire High Version file version 6.1.0 High Version Manifest leiningen-project-version 6.1.0 Medium Version pom version 6.1.0 Highest
pkg:maven/cheshire/cheshire@6.1.0
(Confidence :High)
Description:
A workaround for https://dev.clojure.org/jira/browse/CLJ-2253
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/org/clojars/pmonks/clj-2253/0.1.0/clj-2253-0.1.0.jar
MD5: cbf13845d65489fac031aee4666b230f
SHA1: 72d1f88f05bbc3b1eb468c33815a417faaa49984
SHA256: 7409e379bd788541b80b38872ca5668f9695b0214a2898ca78828cb476115d51
Evidence
Type Source Name Value Confidence Vendor file name clj-2253 High Vendor pom artifactid clj-2253 Low Vendor pom groupid org.clojars.pmonks Highest Vendor pom name clj-2253 High Vendor pom url pmonks/CLJ-2253 Highest Product file name clj-2253 High Product pom artifactid clj-2253 Highest Product pom groupid org.clojars.pmonks Highest Product pom name clj-2253 High Product pom url pmonks/CLJ-2253 High Version file version 0.1.0 High Version pom version 0.1.0 Highest
pkg:maven/org.clojars.pmonks/clj-2253@0.1.0
(Confidence :High)
Description:
Pure Clojure implementations of wcwidth/wcswidth.
License:
MPL-2.0: https://www.mozilla.org/en-US/MPL/2.0/
File Path: /home/runner/.m2/repository/com/github/pmonks/clj-wcwidth/1.0.125/clj-wcwidth-1.0.125.jar
MD5: fb2783e0e04721939202cd0a51f698e5
SHA1: 20d2e7ce47326798b40d0952e04abab86d38e770
SHA256: 30a64ed364f7d2c05088c18ef095dc0695241bca9e0a46e8aa35c944e28152a1
Evidence
Type Source Name Value Confidence Vendor file name clj-wcwidth High Vendor Manifest build-jdk-spec 24 Low Vendor pom artifactid clj-wcwidth Low Vendor pom developer email pmonks+wcwidth@gmail.com Low Vendor pom developer id pmonks Medium Vendor pom developer name Peter Monks Medium Vendor pom groupid com.github.pmonks Highest Vendor pom name clj-wcwidth High Vendor pom url pmonks/clj-wcwidth Highest Product file name clj-wcwidth High Product Manifest build-jdk-spec 24 Low Product pom artifactid clj-wcwidth Highest Product pom developer email pmonks+wcwidth@gmail.com Low Product pom developer id pmonks Low Product pom developer name Peter Monks Low Product pom groupid com.github.pmonks Highest Product pom name clj-wcwidth High Product pom url pmonks/clj-wcwidth High Version file version 1.0.125 High Version pom version 1.0.125 Highest
pkg:maven/com.github.pmonks/clj-wcwidth@1.0.125
(Confidence :High)
Description:
Clojure core environment and runtime library.
License:
Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php
File Path: /home/runner/.m2/repository/org/clojure/clojure/1.12.4/clojure-1.12.4.jar
MD5: c9e27ed601e1c83392c78fd9f3e7ecec
SHA1: 580cd548600f63b597efea7e94c3e55be2d12537
SHA256: 4b81e9ba6da38c45d9cc58023c674062b8c9f0714f33ff00ded22e6a949da177
Evidence
Type Source Name Value Confidence Vendor file name clojure High Vendor jar package name clojure Highest Vendor jar package name core Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid clojure Low Vendor pom developer email richhickey@gmail.com Low Vendor pom developer name Rich Hickey Medium Vendor pom groupid org.clojure Highest Vendor pom name clojure High Vendor pom url http://clojure.org/ Highest Product file name clojure High Product jar package name clojure Highest Product jar package name core Highest Product Manifest build-jdk-spec 1.8 Low Product pom artifactid clojure Highest Product pom developer email richhickey@gmail.com Low Product pom developer name Rich Hickey Low Product pom groupid org.clojure Highest Product pom name clojure High Product pom url http://clojure.org/ Medium Version file version 1.12.4 High Version pom version 1.12.4 Highest
Description:
Clojure wrapper for Java 8 Time API
License:
MIT License: http://opensource.org/licenses/MIT
File Path: /home/runner/.m2/repository/clojure/java-time/clojure.java-time/1.4.3/clojure.java-time-1.4.3.jar
MD5: fce88000603ed0dea2be33e0fffa5836
SHA1: 11cea239151350d663d35f03913e07626ca69f01
SHA256: 8f7e14031a531c1bc79859f4deabe215f8c15f81d66e09bdf7b4d9749b8325a7
Evidence
Type Source Name Value Confidence Vendor file name clojure.java-time High Vendor Manifest leiningen-project-artifactid clojure.java-time Low Vendor Manifest leiningen-project-groupid clojure.java-time Low Vendor pom artifactid clojure.java-time Low Vendor pom groupid clojure.java-time Highest Vendor pom name clojure.java-time High Vendor pom url http://github.com/dm3/clojure.java-time Highest Product file name clojure.java-time High Product Manifest leiningen-project-artifactid clojure.java-time Low Product Manifest leiningen-project-groupid clojure.java-time Low Product pom artifactid clojure.java-time Highest Product pom groupid clojure.java-time Highest Product pom name clojure.java-time High Product pom url http://github.com/dm3/clojure.java-time Medium Version file version 1.4.3 High Version Manifest leiningen-project-version 1.4.3 Medium Version pom version 1.4.3 Highest
Description:
Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-beanutils/commons-beanutils/1.11.0/commons-beanutils-1.11.0.jar
MD5: 32ed51f196dfda19e0dc1ce53eeed29e
SHA1: ac03ea606d13de04c2e4508227680faff151f491
SHA256: 9e44ba68ec9a3f21286fa2a8bbb003b735c0f69101bb43144b79f4f8aaa74709
Evidence
Type Source Name Value Confidence Vendor file name commons-beanutils High Vendor jar package name apache Highest Vendor jar package name beanutils Highest Vendor jar package name commons Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-beanutils Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-beanutils Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-beanutils Low Vendor pom developer email britter@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dion@apache.org Low Vendor pom developer email epugh@apache.org Low Vendor pom developer email geirm@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email jcarman@apache.org Low Vendor pom developer email jconlon@apache.org Low Vendor pom developer email jstrachan@apache.org Low Vendor pom developer email morgand@apache.org Low Vendor pom developer email mvdb@apache.org Low Vendor pom developer email niallp@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer email scolebourne@apache.org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email stain@apache.org Low Vendor pom developer email tobrien@apache.org Low Vendor pom developer email yoavs@apache.org Low Vendor pom developer id britter Medium Vendor pom developer id chtompki Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dion Medium Vendor pom developer id epugh Medium Vendor pom developer id geirm Medium Vendor pom developer id ggregory Medium Vendor pom developer id jcarman Medium Vendor pom developer id jconlon Medium Vendor pom developer id jstrachan Medium Vendor pom developer id morgand Medium Vendor pom developer id mvdb Medium Vendor pom developer id niallp Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id scolebourne Medium Vendor pom developer id skitching Medium Vendor pom developer id stain Medium Vendor pom developer id tobrien Medium Vendor pom developer id yoavs Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name David Eric Pugh Medium Vendor pom developer name Dion Gillard Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Geir Magnusson Jr. Medium Vendor pom developer name James Carman Medium Vendor pom developer name James Strachan Medium Vendor pom developer name John E. Conlon Medium Vendor pom developer name Martin van den Bemt Medium Vendor pom developer name Morgan James Delagrange Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer name Stian Soiland-Reyes Medium Vendor pom developer name Tim O'Brien Medium Vendor pom developer name Yoav Shapira Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-beanutils Highest Vendor pom name Apache Commons BeanUtils High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-beanutils Highest Product file name commons-beanutils High Product jar package name apache Highest Product jar package name beanutils Highest Product jar package name commons Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-beanutils Low Product Manifest Bundle-Name Apache Commons BeanUtils Medium Product Manifest bundle-symbolicname org.apache.commons.commons-beanutils Medium Product Manifest Implementation-Title Apache Commons BeanUtils High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons BeanUtils Medium Product pom artifactid commons-beanutils Highest Product pom developer email britter@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email craigmcc@apache.org Low Product pom developer email dion@apache.org Low Product pom developer email epugh@apache.org Low Product pom developer email geirm@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email jcarman@apache.org Low Product pom developer email jconlon@apache.org Low Product pom developer email jstrachan@apache.org Low Product pom developer email morgand@apache.org Low Product pom developer email mvdb@apache.org Low Product pom developer email niallp@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer email scolebourne@apache.org Low Product pom developer email skitching@apache.org Low Product pom developer email stain@apache.org Low Product pom developer email tobrien@apache.org Low Product pom developer email yoavs@apache.org Low Product pom developer id britter Low Product pom developer id chtompki Low Product pom developer id craigmcc Low Product pom developer id dion Low Product pom developer id epugh Low Product pom developer id geirm Low Product pom developer id ggregory Low Product pom developer id jcarman Low Product pom developer id jconlon Low Product pom developer id jstrachan Low Product pom developer id morgand Low Product pom developer id mvdb Low Product pom developer id niallp Low Product pom developer id rdonkin Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id scolebourne Low Product pom developer id skitching Low Product pom developer id stain Low Product pom developer id tobrien Low Product pom developer id yoavs Low Product pom developer name Benedikt Ritter Low Product pom developer name Craig McClanahan Low Product pom developer name David Eric Pugh Low Product pom developer name Dion Gillard Low Product pom developer name Gary Gregory Low Product pom developer name Geir Magnusson Jr. Low Product pom developer name James Carman Low Product pom developer name James Strachan Low Product pom developer name John E. Conlon Low Product pom developer name Martin van den Bemt Low Product pom developer name Morgan James Delagrange Low Product pom developer name Niall Pemberton Low Product pom developer name Rob Tompkins Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Stephen Colebourne Low Product pom developer name Stian Soiland-Reyes Low Product pom developer name Tim O'Brien Low Product pom developer name Yoav Shapira Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-beanutils Highest Product pom name Apache Commons BeanUtils High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-beanutils Medium Version file version 1.11.0 High Version Manifest Bundle-Version 1.11.0 High Version Manifest Implementation-Version 1.11.0 High Version pom parent-version 1.11.0 Low Version pom version 1.11.0 Highest
Description:
Types that extend and augment the Java Collections Framework.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256: eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8
Evidence
Type Source Name Value Confidence Vendor file name commons-collections High Vendor jar package name apache Highest Vendor jar package name collections Highest Vendor jar package name commons Highest Vendor Manifest bundle-docurl http://commons.apache.org/collections/ Low Vendor Manifest bundle-symbolicname org.apache.commons.collections Medium Vendor Manifest implementation-build tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100 Low Vendor Manifest implementation-url http://commons.apache.org/collections/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-collections Low Vendor pom developer id amamment Medium Vendor pom developer id bayard Medium Vendor pom developer id craigmcc Medium Vendor pom developer id geirm Medium Vendor pom developer id jcarman Medium Vendor pom developer id matth Medium Vendor pom developer id morgand Medium Vendor pom developer id psteitz Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id scolebourne Medium Vendor pom developer name Arun M. Thomas Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Geir Magnusson Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Carman Medium Vendor pom developer name Matthew Hawthorne Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Phil Steitz Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom groupid commons-collections Highest Vendor pom name Apache Commons Collections High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/collections/ Highest Product file name commons-collections High Product jar package name apache Highest Product jar package name collections Highest Product jar package name commons Highest Product Manifest bundle-docurl http://commons.apache.org/collections/ Low Product Manifest Bundle-Name Apache Commons Collections Medium Product Manifest bundle-symbolicname org.apache.commons.collections Medium Product Manifest implementation-build tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100 Low Product Manifest Implementation-Title Apache Commons Collections High Product Manifest implementation-url http://commons.apache.org/collections/ Low Product Manifest specification-title Apache Commons Collections Medium Product pom artifactid commons-collections Highest Product pom developer id amamment Low Product pom developer id bayard Low Product pom developer id craigmcc Low Product pom developer id geirm Low Product pom developer id jcarman Low Product pom developer id matth Low Product pom developer id morgand Low Product pom developer id psteitz Low Product pom developer id rdonkin Low Product pom developer id rwaldhoff Low Product pom developer id scolebourne Low Product pom developer name Arun M. Thomas Low Product pom developer name Craig McClanahan Low Product pom developer name Geir Magnusson Low Product pom developer name Henri Yandell Low Product pom developer name James Carman Low Product pom developer name Matthew Hawthorne Low Product pom developer name Morgan Delagrange Low Product pom developer name Phil Steitz Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Stephen Colebourne Low Product pom groupid commons-collections Highest Product pom name Apache Commons Collections High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/collections/ Medium Version file version 3.2.2 High Version Manifest Bundle-Version 3.2.2 High Version Manifest Implementation-Version 3.2.2 High Version pom parent-version 3.2.2 Low Version pom version 3.2.2 Highest
Description:
The Digester package lets you configure an XML to Java object mapping module
which triggers certain actions called rules whenever a particular
pattern of nested XML elements is recognized.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-digester/commons-digester/2.1/commons-digester-2.1.jar
MD5: 528445033f22da28f5047b6abcd1c7c9
SHA1: 73a8001e7a54a255eef0f03521ec1805dc738ca0
SHA256: e0b2b980a84fc6533c5ce291f1917b32c507f62bcad64198fff44368c2196a3d
Evidence
Type Source Name Value Confidence Vendor file name commons-digester High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name digester Highest Vendor jar package name rules Highest Vendor Manifest bundle-docurl http://commons.apache.org/digester/ Low Vendor Manifest bundle-symbolicname org.apache.commons.digester Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-digester Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email jfarcand@apache.org Low Vendor pom developer email jstrachan@apache.org Low Vendor pom developer email jvanzyl@apache.org Low Vendor pom developer email rahul AT apache DOT org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email sanders@totalsync.com Low Vendor pom developer email simonetripodi AT apache DOT org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email tobrien@apache.org Low Vendor pom developer id craigmcc Medium Vendor pom developer id jfarcand Medium Vendor pom developer id jstrachan Medium Vendor pom developer id jvanzyl Medium Vendor pom developer id rahul Medium Vendor pom developer id rdonkin Medium Vendor pom developer id sanders Medium Vendor pom developer id simonetripodi Medium Vendor pom developer id skitching Medium Vendor pom developer id tobrien Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name James Strachan Medium Vendor pom developer name Jason van Zyl Medium Vendor pom developer name Jean-Francois Arcand Medium Vendor pom developer name Rahul Akolkar Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Simone Tripodi Medium Vendor pom developer name Tim OBrien Medium Vendor pom groupid commons-digester Highest Vendor pom name Commons Digester High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/digester/ Highest Product file name commons-digester High Product jar package name apache Highest Product jar package name commons Highest Product jar package name digester Highest Product jar package name rules Highest Product Manifest bundle-docurl http://commons.apache.org/digester/ Low Product Manifest Bundle-Name Commons Digester Medium Product Manifest bundle-symbolicname org.apache.commons.digester Medium Product Manifest Implementation-Title Commons Digester High Product Manifest specification-title Commons Digester Medium Product pom artifactid commons-digester Highest Product pom developer email craigmcc@apache.org Low Product pom developer email jfarcand@apache.org Low Product pom developer email jstrachan@apache.org Low Product pom developer email jvanzyl@apache.org Low Product pom developer email rahul AT apache DOT org Low Product pom developer email rdonkin@apache.org Low Product pom developer email sanders@totalsync.com Low Product pom developer email simonetripodi AT apache DOT org Low Product pom developer email skitching@apache.org Low Product pom developer email tobrien@apache.org Low Product pom developer id craigmcc Low Product pom developer id jfarcand Low Product pom developer id jstrachan Low Product pom developer id jvanzyl Low Product pom developer id rahul Low Product pom developer id rdonkin Low Product pom developer id sanders Low Product pom developer id simonetripodi Low Product pom developer id skitching Low Product pom developer id tobrien Low Product pom developer name Craig McClanahan Low Product pom developer name James Strachan Low Product pom developer name Jason van Zyl Low Product pom developer name Jean-Francois Arcand Low Product pom developer name Rahul Akolkar Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Simone Tripodi Low Product pom developer name Tim OBrien Low Product pom groupid commons-digester Highest Product pom name Commons Digester High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/digester/ Medium Version file version 2.1 High Version Manifest Bundle-Version 2.1 High Version Manifest Implementation-Version 2.1 High Version pom parent-version 2.1 Low Version pom version 2.1 Highest
pkg:maven/commons-digester/commons-digester@2.1
(Confidence :High)
Description:
Apache Commons Logging is a thin adapter allowing configurable bridging to other,
well-known logging systems.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-logging/commons-logging/1.3.5/commons-logging-1.3.5.jar
MD5: 9ca067b073153c86c2da350c0f2cdf70
SHA1: a3fcc5d3c29b2b03433aa2d2f2d2c1b1638924a1
SHA256: 6d7a744e4027649fbb50895df9497d109f98c766a637062fe8d2eabbb3140ba4
Evidence
Type Source Name Value Confidence Vendor file name commons-logging High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name logging Highest Vendor Manifest automatic-module-name org.apache.commons.logging Medium Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-logging/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-logging Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-logging Low Vendor pom developer email baliuka@apache.org Low Vendor pom developer email costin@apache.org Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dennisl@apache.org Low Vendor pom developer email donaldp@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email morgand@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email rsitze@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email tn@apache.org Low Vendor pom developer id baliuka Medium Vendor pom developer id bstansberry Medium Vendor pom developer id costin Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dennisl Medium Vendor pom developer id donaldp Medium Vendor pom developer id ggregory Medium Vendor pom developer id morgand Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rsitze Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id skitching Medium Vendor pom developer id tn Medium Vendor pom developer name Brian Stansberry Medium Vendor pom developer name Costin Manolache Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Dennis Lundberg Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Juozas Baliuka Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Peter Donald Medium Vendor pom developer name Richard Sitze Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer org Apache Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-logging Highest Vendor pom name Apache Commons Logging High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-logging/ Highest Product file name commons-logging High Product jar package name apache Highest Product jar package name commons Highest Product jar package name logging Highest Product Manifest automatic-module-name org.apache.commons.logging Medium Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-logging/ Low Product Manifest Bundle-Name Apache Commons Logging Medium Product Manifest bundle-symbolicname org.apache.commons.commons-logging Medium Product Manifest Implementation-Title Apache Commons Logging High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons Logging Medium Product pom artifactid commons-logging Highest Product pom developer email baliuka@apache.org Low Product pom developer email costin@apache.org Low Product pom developer email craigmcc@apache.org Low Product pom developer email dennisl@apache.org Low Product pom developer email donaldp@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email morgand@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email rsitze@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer email skitching@apache.org Low Product pom developer email tn@apache.org Low Product pom developer id baliuka Low Product pom developer id bstansberry Low Product pom developer id costin Low Product pom developer id craigmcc Low Product pom developer id dennisl Low Product pom developer id donaldp Low Product pom developer id ggregory Low Product pom developer id morgand Low Product pom developer id rdonkin Low Product pom developer id rsitze Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id skitching Low Product pom developer id tn Low Product pom developer name Brian Stansberry Low Product pom developer name Costin Manolache Low Product pom developer name Craig McClanahan Low Product pom developer name Dennis Lundberg Low Product pom developer name Gary Gregory Low Product pom developer name Juozas Baliuka Low Product pom developer name Morgan Delagrange Low Product pom developer name Peter Donald Low Product pom developer name Richard Sitze Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Thomas Neidhart Low Product pom developer org Apache Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-logging Highest Product pom name Apache Commons Logging High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-logging/ Medium Version file version 1.3.5 High Version Manifest Bundle-Version 1.3.5 High Version Manifest Implementation-Version 1.3.5 High Version pom parent-version 1.3.5 Low Version pom version 1.3.5 Highest
pkg:maven/commons-logging/commons-logging@1.3.5
(Confidence :High)
Description:
Apache Commons Validator provides the building blocks for both client-side and server-side data validation.
It may be used standalone or with a framework like Struts.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-validator/commons-validator/1.10.1/commons-validator-1.10.1.jar
MD5: d618186ce8b682c51b1a7e72d11f5c88
SHA1: cdf5c2a69aad509c4db54786f19f1e1ccc471bcf
SHA256: ed74711a78d793ca37f6075e4a1e93d107233dfd20d0bb17e32bad88d38e56aa
Evidence
Type Source Name Value Confidence Vendor file name commons-validator High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name validator Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-validator/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-validator Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-validator Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dgraham@apache.org Low Vendor pom developer email dwinterfeldt@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email husted@apache.org Low Vendor pom developer email jmitchell NOSPAM apache.org Low Vendor pom developer email martinc@apache.org Low Vendor pom developer email mrdon@apache.org Low Vendor pom developer email rleland at apache.org Low Vendor pom developer email turner@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id britter Medium Vendor pom developer id bspeakmon Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dgraham Medium Vendor pom developer id dwinterfeldt Medium Vendor pom developer id ggregory Medium Vendor pom developer id husted Medium Vendor pom developer id jmitchell Medium Vendor pom developer id martinc Medium Vendor pom developer id mrdon Medium Vendor pom developer id niallp Medium Vendor pom developer id nick Medium Vendor pom developer id rleland Medium Vendor pom developer id simonetripodi Medium Vendor pom developer id turner Medium Vendor pom developer name Ben Speakmon Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name David Graham Medium Vendor pom developer name David Winterfeldt Medium Vendor pom developer name Don Brown Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Mitchell Medium Vendor pom developer name James Turner Medium Vendor pom developer name Martin Cooper Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Nick Burch Medium Vendor pom developer name Rob Leland Medium Vendor pom developer name SimoneTripodi Medium Vendor pom developer name Ted Husted Medium Vendor pom developer org EdgeTech, Inc Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-validator Highest Vendor pom name Apache Commons Validator High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-validator/ Highest Product file name commons-validator High Product jar package name apache Highest Product jar package name commons Highest Product jar package name validator Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-validator/ Low Product Manifest Bundle-Name Apache Commons Validator Medium Product Manifest bundle-symbolicname org.apache.commons.commons-validator Medium Product Manifest Implementation-Title Apache Commons Validator High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons Validator Medium Product pom artifactid commons-validator Highest Product pom developer email craigmcc@apache.org Low Product pom developer email dgraham@apache.org Low Product pom developer email dwinterfeldt@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email husted@apache.org Low Product pom developer email jmitchell NOSPAM apache.org Low Product pom developer email martinc@apache.org Low Product pom developer email mrdon@apache.org Low Product pom developer email rleland at apache.org Low Product pom developer email turner@apache.org Low Product pom developer id bayard Low Product pom developer id britter Low Product pom developer id bspeakmon Low Product pom developer id craigmcc Low Product pom developer id dgraham Low Product pom developer id dwinterfeldt Low Product pom developer id ggregory Low Product pom developer id husted Low Product pom developer id jmitchell Low Product pom developer id martinc Low Product pom developer id mrdon Low Product pom developer id niallp Low Product pom developer id nick Low Product pom developer id rleland Low Product pom developer id simonetripodi Low Product pom developer id turner Low Product pom developer name Ben Speakmon Low Product pom developer name Benedikt Ritter Low Product pom developer name Craig McClanahan Low Product pom developer name David Graham Low Product pom developer name David Winterfeldt Low Product pom developer name Don Brown Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name James Mitchell Low Product pom developer name James Turner Low Product pom developer name Martin Cooper Low Product pom developer name Niall Pemberton Low Product pom developer name Nick Burch Low Product pom developer name Rob Leland Low Product pom developer name SimoneTripodi Low Product pom developer name Ted Husted Low Product pom developer org EdgeTech, Inc Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-validator Highest Product pom name Apache Commons Validator High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-validator/ Medium Version file version 1.10.1 High Version Manifest Bundle-Version 1.10.1 High Version Manifest Implementation-Version 1.10.1 High Version pom parent-version 1.10.1 Low Version pom version 1.10.1 Highest
pkg:maven/commons-validator/commons-validator@1.10.1
(Confidence :High)
Description:
Facilities for async programming and communication in Clojure
File Path: /home/runner/.m2/repository/org/clojure/core.async/1.8.741/core.async-1.8.741.jarMD5: cdd5b4b278d48a7e75138f15e90c4902SHA1: 0568d9b06541900b0dc024ca900092e6b1bde76dSHA256: 288489a4f0e580f43e1913cba842b32959ef01e2d1bc3a01db2e97c79c9c655a
Evidence
Type Source Name Value Confidence Vendor file name core.async High Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid core.async Low Vendor pom developer id richhickey Medium Vendor pom developer name Rich Hickey Medium Vendor pom groupid org.clojure Highest Vendor pom name core.async High Vendor pom parent-artifactid pom.contrib Low Vendor pom url clojure/core.async Highest Product file name core.async High Product Manifest build-jdk-spec 1.8 Low Product pom artifactid core.async Highest Product pom developer id richhickey Low Product pom developer name Rich Hickey Low Product pom groupid org.clojure Highest Product pom name core.async High Product pom parent-artifactid pom.contrib Medium Product pom url clojure/core.async High Version file version 1.8.741 High Version pom parent-version 1.8.741 Low Version pom version 1.8.741 Highest
pkg:maven/org.clojure/core.async@1.8.741
(Confidence :High)
Description:
Cache library for Clojure.
License:
Eclipse Public License 1.0: https://opensource.org/license/epl-1-0/
File Path: /home/runner/.m2/repository/org/clojure/core.cache/1.1.234/core.cache-1.1.234.jar
MD5: c74f1627e4c7bc82173ee885049ca95b
SHA1: 4efde969ef1c0659f7b0e6e28c85263d9af01299
SHA256: ba9071044edb7b009288b2c5f800a7dcd918b0f1725c5ba800469238df972f63
Evidence
Type Source Name Value Confidence Vendor file name core.cache High Vendor pom artifactid core.cache Low Vendor pom developer id fogus Medium Vendor pom developer name Michael Fogus Medium Vendor pom groupid org.clojure Highest Vendor pom name core.cache High Vendor pom parent-artifactid pom.contrib Low Product file name core.cache High Product pom artifactid core.cache Highest Product pom developer id fogus Low Product pom developer name Michael Fogus Low Product pom groupid org.clojure Highest Product pom name core.cache High Product pom parent-artifactid pom.contrib Medium Version file version 1.1.234 High Version pom parent-version 1.1.234 Low Version pom version 1.1.234 Highest
pkg:maven/org.clojure/core.cache@1.1.234
(Confidence :High)
Description:
A memoization library for Clojure
License:
Eclipse Public License 1.0: https://opensource.org/license/epl-1-0/
File Path: /home/runner/.m2/repository/org/clojure/core.memoize/1.1.266/core.memoize-1.1.266.jar
MD5: 70a78543850b17e61d8a122e8cb6f4a7
SHA1: e2cc0e3a742723a52e72373aebc556b678909ddc
SHA256: 5792a21d6d90a1f5e68d4a10f65607aa21f6c484eb9d1a421cefc1f8ac26f18e
Evidence
Type Source Name Value Confidence Vendor file name core.memoize High Vendor pom artifactid core.memoize Low Vendor pom developer id fogus Medium Vendor pom developer name Fogus Medium Vendor pom groupid org.clojure Highest Vendor pom name core.memoize High Vendor pom parent-artifactid pom.contrib Low Product file name core.memoize High Product pom artifactid core.memoize Highest Product pom developer id fogus Low Product pom developer name Fogus Low Product pom groupid org.clojure Highest Product pom name core.memoize High Product pom parent-artifactid pom.contrib Medium Version file version 1.1.266 High Version pom parent-version 1.1.266 Low Version pom version 1.1.266 Highest
pkg:maven/org.clojure/core.memoize@1.1.266
(Confidence :High)
Description:
Specs for clojure.core
License:
Eclipse Public License 1.0: https://opensource.org/license/epl-1-0/
File Path: /home/runner/.m2/repository/org/clojure/core.specs.alpha/0.4.74/core.specs.alpha-0.4.74.jar
MD5: ebd37b9a3c39e6b769fc1463737cb8d4
SHA1: d56a8d4c666ff8140e6d0a62d41263134be39254
SHA256: eb73ac08cf49ba840c88ba67beef11336ca554333d9408808d78946e0feb9ddb
Evidence
Type Source Name Value Confidence Vendor file name core.specs.alpha High Vendor pom artifactid core.specs.alpha Low Vendor pom developer id puredanger Medium Vendor pom developer name Alex Miller Medium Vendor pom groupid org.clojure Highest Vendor pom name core.specs.alpha High Vendor pom parent-artifactid pom.contrib Low Product file name core.specs.alpha High Product pom artifactid core.specs.alpha Highest Product pom developer id puredanger Low Product pom developer name Alex Miller Low Product pom groupid org.clojure Highest Product pom name core.specs.alpha High Product pom parent-artifactid pom.contrib Medium Version file version 0.4.74 High Version pom parent-version 0.4.74 Low Version pom version 0.4.74 Highest
pkg:maven/org.clojure/core.specs.alpha@0.4.74
(Confidence :High)
cpe:2.3:a:alex_project:alex:0.4.74:*:*:*:*:*:*:*
(Confidence :Low)
suppress
Description:
Generating/parsing JSON from/to Clojure data structures
File Path: /home/runner/.m2/repository/org/clojure/data.json/2.3.1/data.json-2.3.1.jarMD5: c40582783bbba064e6d2eab43067c183SHA1: bccad454332d350fcf088ad65e961b9ed7687b7bSHA256: ab6fcad6c5a174eecf6424c789064288626bf0434aab6414c9947df26e3ee4e2
Evidence
Type Source Name Value Confidence Vendor file name data.json High Vendor pom artifactid data.json Low Vendor pom developer email mail@stuartsierra.com Low Vendor pom developer name Stuart Sierra Medium Vendor pom groupid org.clojure Highest Vendor pom name data.json High Vendor pom parent-artifactid pom.contrib Low Vendor pom url clojure/data.json Highest Product file name data.json High Product pom artifactid data.json Highest Product pom developer email mail@stuartsierra.com Low Product pom developer name Stuart Sierra Low Product pom groupid org.clojure Highest Product pom name data.json High Product pom parent-artifactid pom.contrib Medium Product pom url clojure/data.json High Version file version 2.3.1 High Version pom parent-version 2.3.1 Low Version pom version 2.3.1 Highest
pkg:maven/org.clojure/data.json@2.3.1
(Confidence :High)
File Path: /home/runner/.m2/repository/org/clojure/data.priority-map/1.2.0/data.priority-map-1.2.0.jarMD5: 2cfe73a5c938e7fd15d36bcbe29b5918SHA1: a07772b9f061023198635d1b1425d936507f5ec7SHA256: a4523626a1ccc4fce0d1efe6df16897fc3e34b58738f0462e4536af17dea02f0
Evidence
Type Source Name Value Confidence Vendor file name data.priority-map High Vendor pom artifactid data.priority-map Low Vendor pom developer name Mark Engelberg Medium Vendor pom groupid org.clojure Highest Vendor pom name data.priority-map High Vendor pom parent-artifactid pom.contrib Low Product file name data.priority-map High Product pom artifactid data.priority-map Highest Product pom developer name Mark Engelberg Low Product pom groupid org.clojure Highest Product pom name data.priority-map High Product pom parent-artifactid pom.contrib Medium Version file version 1.2.0 High Version pom version 1.2.0 Highest
pkg:maven/org.clojure/data.priority-map@1.2.0
(Confidence :High)
Description:
A Clojure wrapper library for the Discord API, with full API coverage (except voice, for now), and high scalability.
License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html
File Path: /home/runner/.m2/repository/com/github/discljord/discljord/1.3.1/discljord-1.3.1.jar
MD5: 3d3b7aff80ce893282e7eaaadd708061
SHA1: df0e0be3ff5ae9e072b1dfa8422eaa5deb3a3251
SHA256: 361fc69812dbf436458f1716afeeb5ae8f7210fc798cd3b3fb27d39449b369aa
Evidence
Type Source Name Value Confidence Vendor file name discljord High Vendor pom artifactid discljord Low Vendor pom groupid com.github.discljord Highest Vendor pom name discljord High Vendor pom url IGJoshua/discljord Highest Product file name discljord High Product pom artifactid discljord Highest Product pom groupid com.github.discljord Highest Product pom name discljord High Product pom url IGJoshua/discljord High Version file version 1.3.1 High Version pom version 1.3.1 Highest
pkg:maven/com.github.discljord/discljord@1.3.1
(Confidence :High)
Description:
A Clojure micro-library for leveraging virtual threads on JVMs that support them.
License:
Apache-2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /home/runner/.m2/repository/com/github/pmonks/embroidery/1.0.44/embroidery-1.0.44.jar
MD5: 0141ce9e67e5c76af519e98fc5a8bf5d
SHA1: 0ce7accc8b0fe2fcb13b0e509c322de914390ad2
SHA256: f978771dcca1ef87a0668cee9911882fea462791f20a6166b93edc356d35f152
Evidence
Type Source Name Value Confidence Vendor file name embroidery High Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid embroidery Low Vendor pom developer email pmonks+embroidery@gmail.com Low Vendor pom developer id pmonks Medium Vendor pom developer name Peter Monks Medium Vendor pom groupid com.github.pmonks Highest Vendor pom name embroidery High Vendor pom url pmonks/embroidery Highest Product file name embroidery High Product Manifest build-jdk-spec 21 Low Product pom artifactid embroidery Highest Product pom developer email pmonks+embroidery@gmail.com Low Product pom developer id pmonks Low Product pom developer name Peter Monks Low Product pom groupid com.github.pmonks Highest Product pom name embroidery High Product pom url pmonks/embroidery High Version file version 1.0.44 High Version pom version 1.0.44 Highest
pkg:maven/com.github.pmonks/embroidery@1.0.44
(Confidence :High)
Description:
A WebSocket client for Clojure
License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /home/runner/.m2/repository/stylefruits/gniazdo/1.2.2/gniazdo-1.2.2.jar
MD5: 475a727ac1787ab0afc92e70062de2f5
SHA1: e7eafb16875928396d58c8d62c857d728ef7587a
SHA256: 799c9dd0dcb3c6418e72d4e2ef2cb8be12e529db5619e98849b4046adab9129f
Evidence
Type Source Name Value Confidence Vendor file name gniazdo High Vendor Manifest leiningen-project-artifactid gniazdo Low Vendor Manifest leiningen-project-groupid stylefruits Low Vendor pom artifactid gniazdo Low Vendor pom groupid stylefruits Highest Vendor pom name gniazdo High Vendor pom url stylefruits/gniazdo Highest Product file name gniazdo High Product Manifest leiningen-project-artifactid gniazdo Low Product Manifest leiningen-project-groupid stylefruits Low Product pom artifactid gniazdo Highest Product pom groupid stylefruits Highest Product pom name gniazdo High Product pom url stylefruits/gniazdo High Version file version 1.2.2 High Version Manifest leiningen-project-version 1.2.2 Medium Version pom version 1.2.2 Highest
pkg:maven/stylefruits/gniazdo@1.2.2
(Confidence :High)
Description:
An HTTP client for Clojure, wrapping JDK 11's HttpClient.
License:
The MIT License: http://opensource.org/licenses/mit-license.php
File Path: /home/runner/.m2/repository/hato/hato/1.0.0/hato-1.0.0.jar
MD5: 169f69866f7e0eaf8f5a38ad049bcecf
SHA1: 6a1bea52787ef5419f9d4475bce4997581ee6276
SHA256: 6b65a8f6145ec577b015cbfa3703c2d00f5e9f964bc6fca7b71dfc56a4ffe029
Evidence
Type Source Name Value Confidence Vendor file name hato High Vendor Manifest leiningen-project-artifactid hato Low Vendor Manifest leiningen-project-groupid hato Low Vendor pom artifactid hato Low Vendor pom groupid hato Highest Vendor pom name hato High Vendor pom url gnarroway/hato Highest Product file name hato High Product Manifest leiningen-project-artifactid hato Low Product Manifest leiningen-project-groupid hato Low Product pom artifactid hato Highest Product pom groupid hato Highest Product pom name hato High Product pom url gnarroway/hato High Version file version 1.0.0 High Version Manifest leiningen-project-version 1.0.0 Medium Version pom version 1.0.0 Highest
pkg:maven/hato/hato@1.0.0
(Confidence :High)
Description:
Simple, high-performance event-driven HTTP client+server for Clojure
License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.html
File Path: /home/runner/.m2/repository/http-kit/http-kit/2.8.1/http-kit-2.8.1.jar
MD5: b2e1c511125b476851ff9c6a82d4b2dc
SHA1: ddcee7f29444e13f78f4c6423e3302c39455f4cd
SHA256: 05e632f9b08da3cebefd51c334ccab650b3b8bc43068443661472606b804d2f2
Evidence
Type Source Name Value Confidence Vendor file name http-kit High Vendor jar package name client Highest Vendor jar package name server Highest Vendor Manifest leiningen-project-artifactid http-kit Low Vendor Manifest leiningen-project-groupid http-kit Low Vendor pom artifactid http-kit Low Vendor pom groupid http-kit Highest Vendor pom name http-kit High Vendor pom url http-kit/http-kit Highest Product file name http-kit High Product jar package name client Highest Product jar package name server Highest Product Manifest leiningen-project-artifactid http-kit Low Product Manifest leiningen-project-groupid http-kit Low Product pom artifactid http-kit Highest Product pom groupid http-kit Highest Product pom name http-kit High Product pom url http-kit/http-kit High Version file version 2.8.1 High Version Manifest leiningen-project-version 2.8.1 Medium Version pom version 2.8.1 Highest
pkg:maven/http-kit/http-kit@2.8.1
(Confidence :High)
Description:
Core Jackson processing abstractions (aka Streaming API), implementation for JSON
License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.20.0/jackson-core-2.20.0.jar
MD5: 3536b524a7106dae1b4feb71e6f5ff74
SHA1: 3c97f7fad069f7cfae639d790bd93d6a0b2dff31
SHA256: bc0cf46075877201f8406ee7de2741ae7df6c066f5f0457bd80632a718c06e72
Evidence
Type Source Name Value Confidence Vendor file name jackson-core High Vendor jar package name base Highest Vendor jar package name com Highest Vendor jar package name core Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor jar package name json Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-core Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name Jackson-core High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson-core Highest Product file name jackson-core High Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name base Highest Product jar package name com Highest Product jar package name core Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product jar package name json Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Product Manifest Bundle-Name Jackson-core Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Product Manifest Implementation-Title Jackson-core High Product Manifest multi-release true Low Product Manifest specification-title Jackson-core Medium Product pom artifactid jackson-core Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name Jackson-core High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson-core High Version file version 2.20.0 High Version Manifest Bundle-Version 2.20.0 High Version Manifest Implementation-Version 2.20.0 High Version pom version 2.20.0 Highest
Description:
Support for reading and writing Concise Binary Object Representation
([CBOR](https://www.rfc-editor.org/info/rfc7049)
encoded data using Jackson abstractions (streaming API, data binding, tree model)
License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/fasterxml/jackson/dataformat/jackson-dataformat-cbor/2.20.0/jackson-dataformat-cbor-2.20.0.jar
MD5: d7d1d6cba1ee620ac11b84c0cb76a52f
SHA1: c10e9032bec62df3089ca1cbdef43a1453aca261
SHA256: ab075616cbd67f5676f89825ec9c8bc7b54c84dbe934b162145b34172370b5d6
Evidence
Type Source Name Value Confidence Vendor file name jackson-dataformat-cbor High Vendor jar package name cbor Highest Vendor jar package name dataformat Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-dataformats-binary Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.dataformat.jackson-dataformat-cbor Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.dataformat Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-dataformat-cbor Low Vendor pom groupid com.fasterxml.jackson.dataformat Highest Vendor pom name Jackson dataformat: CBOR High Vendor pom parent-artifactid jackson-dataformats-binary Low Vendor pom url FasterXML/jackson-dataformats-binary Highest Product file name jackson-dataformat-cbor High Product jar package name cbor Highest Product jar package name dataformat Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-dataformats-binary Low Product Manifest Bundle-Name Jackson dataformat: CBOR Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.dataformat.jackson-dataformat-cbor Medium Product Manifest Implementation-Title Jackson dataformat: CBOR High Product Manifest multi-release true Low Product Manifest specification-title Jackson dataformat: CBOR Medium Product pom artifactid jackson-dataformat-cbor Highest Product pom groupid com.fasterxml.jackson.dataformat Highest Product pom name Jackson dataformat: CBOR High Product pom parent-artifactid jackson-dataformats-binary Medium Product pom url FasterXML/jackson-dataformats-binary High Version file version 2.20.0 High Version Manifest Bundle-Version 2.20.0 High Version Manifest Implementation-Version 2.20.0 High Version pom version 2.20.0 Highest
Related Dependencies
jackson-dataformat-smile-2.20.0.jar
File Path: /home/runner/.m2/repository/com/fasterxml/jackson/dataformat/jackson-dataformat-smile/2.20.0/jackson-dataformat-smile-2.20.0.jar
MD5: c514bfbcf056032ffa7aad1854f218e6
SHA1: 9cee634578c474142bf367a8d8f6feb526bbb0f8
SHA256: 345c002cb7ac9e54341a8f04c56a11dc21945426ea8399ff56e02fb8e912a66e
pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-smile@2.20.0
pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-cbor@2.20.0
(Confidence :High)
cpe:2.3:a:fasterxml:jackson-dataformats-binary:2.20.0:*:*:*:*:*:*:*
(Confidence :Low)
suppress
File Path: /home/runner/.m2/repository/org/jline/jansi/3.30.6/jansi-3.30.6.jar/META-INF/maven/org.jline/jansi-core/pom.xmlMD5: 196caffbfe94ec7e1a11041a7b3e735aSHA1: afc33af36000d1934e88c17ea016f7009e9522bbSHA256: 690fa0d12668fbd2503324fc34eac2f1f7f23aff6109cd67c5054e1b38f9aa4d
Evidence
Type Source Name Value Confidence Vendor pom artifactid jansi-core Low Vendor pom groupid org.jline Highest Vendor pom name Jansi Core High Vendor pom parent-artifactid jline-parent Low Product pom artifactid jansi-core Highest Product pom groupid org.jline Highest Product pom name Jansi Core High Product pom parent-artifactid jline-parent Medium Version pom version 3.30.6 Highest
Related Dependencies
jansi-3.30.6.jar (shaded: org.jline:jline-native:3.30.6)
File Path: /home/runner/.m2/repository/org/jline/jansi/3.30.6/jansi-3.30.6.jar/META-INF/maven/org.jline/jline-native/pom.xml
MD5: c4562d78f563dacf6a63e21495cabcbe
SHA1: 381f09c6715b7fccae0579634163f5124746582b
SHA256: 21250f741f29fdcc32f60e0446c6aa1e9bbab38d3116453a5cdfab0fb5b32eb2
pkg:maven/org.jline/jline-native@3.30.6
jansi-3.30.6.jar (shaded: org.jline:jline-terminal-jni:3.30.6)
File Path: /home/runner/.m2/repository/org/jline/jansi/3.30.6/jansi-3.30.6.jar/META-INF/maven/org.jline/jline-terminal-jni/pom.xml
MD5: 8310cc4fc5d95af7436d2bc5264e973a
SHA1: c4a219d7bf636ab3bf7adf4dd007e175b93210e4
SHA256: 69f29dc1aac901af425a41e42264923f3569e75878ad15af9e9a1b96af4b2a50
pkg:maven/org.jline/jline-terminal-jni@3.30.6
jansi-3.30.6.jar (shaded: org.jline:jline-terminal:3.30.6)
File Path: /home/runner/.m2/repository/org/jline/jansi/3.30.6/jansi-3.30.6.jar/META-INF/maven/org.jline/jline-terminal/pom.xml
MD5: 4699c0f936975d457f8fafec155d8464
SHA1: 5bd75ae7fa1aa2606a97d1f415f9b18e0e4c7e8f
SHA256: 0bc46d69bb2f3f3926a47e0878f348ed33c923c0a630f390e212067dbf9afaf4
pkg:maven/org.jline/jline-terminal@3.30.6
Description:
JLine
License:
The BSD License: https://opensource.org/licenses/BSD-3-Clause
File Path: /home/runner/.m2/repository/org/jline/jansi/3.30.6/jansi-3.30.6.jar
MD5: 2cadda409fa8cf5d7f9c7fcc78046c14
SHA1: 80e9cbb4db1bb9f81d41b2ba3a4c27fda028e22a
SHA256: d08b2580fd7d36c76f2b9785540e1cc546ace009c6721f5ba05159fbc87ed754
Evidence
Type Source Name Value Confidence Vendor file name jansi High Vendor jar package name jansi Highest Vendor jar package name jline Highest Vendor Manifest automatic-module-name org.jline.jansi Medium Vendor Manifest build-jdk-spec 25 Low Vendor Manifest bundle-symbolicname org.jline.jansi Medium Vendor Manifest originally-created-by Apache Maven Bundle Plugin 6.0.0 Low Vendor pom artifactid jansi Low Vendor pom developer email gnodet@gmail.com Low Vendor pom developer id gnodet Medium Vendor pom developer name Guillaume Nodet Medium Vendor pom groupid org.jline Highest Vendor pom name Jansi Bundle High Vendor pom parent-artifactid jline-parent Low Vendor pom url jline/jline3/jansi Highest Product file name jansi High Product jar package name jansi Highest Product jar package name jline Highest Product Manifest automatic-module-name org.jline.jansi Medium Product Manifest build-jdk-spec 25 Low Product Manifest Bundle-Name Jansi Bundle Medium Product Manifest bundle-symbolicname org.jline.jansi Medium Product Manifest originally-created-by Apache Maven Bundle Plugin 6.0.0 Low Product pom artifactid jansi Highest Product pom developer email gnodet@gmail.com Low Product pom developer id gnodet Low Product pom developer name Guillaume Nodet Low Product pom groupid org.jline Highest Product pom name Jansi Bundle High Product pom parent-artifactid jline-parent Medium Product pom url jline/jline3/jansi High Version file version 3.30.6 High Version Manifest Bundle-Version 3.30.6 High Version pom version 3.30.6 Highest
Description:
Clojure Wrapper around Jansi.
License:
MIT: https://choosealicense.com/licenses/mit
File Path: /home/runner/.m2/repository/jansi-clj/jansi-clj/2.0.0/jansi-clj-2.0.0.jar
MD5: 53bf3d39f2a68d2a7661005691348c5b
SHA1: fa356c4004f6efe6a240c8049de97b33e7882339
SHA256: c41cc7420ef93f684f37f2a90bcd633cad6e2f1d2f46cbc8000b0001c27f077e
Evidence
Type Source Name Value Confidence Vendor file name jansi-clj High Vendor Manifest leiningen-project-artifactid jansi-clj Low Vendor Manifest leiningen-project-groupid jansi-clj Low Vendor pom artifactid jansi-clj Low Vendor pom groupid jansi-clj Highest Vendor pom name jansi-clj High Vendor pom url https://codeberg.org/xsc/jansi-clj Highest Product file name jansi-clj High Product Manifest leiningen-project-artifactid jansi-clj Low Product Manifest leiningen-project-groupid jansi-clj Low Product pom artifactid jansi-clj Highest Product pom groupid jansi-clj Highest Product pom name jansi-clj High Product pom url https://codeberg.org/xsc/jansi-clj Medium Version file version 2.0.0 High Version Manifest leiningen-project-version 2.0.0 Medium Version pom version 2.0.0 Highest
pkg:maven/jansi-clj/jansi-clj@2.0.0
(Confidence :High)
Description:
JCL 1.2 implemented over SLF4J
License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/slf4j/jcl-over-slf4j/2.0.17/jcl-over-slf4j-2.0.17.jar
MD5: 4fcd46ca51e55b9fd9b0db34474927e0
SHA1: 76ea503eb688f06556a9ba69995d7eab63e34531
SHA256: affd06771589ebfe454bb11315a4f466ecaa135b95f3e7939534cf1d2fd7064c
Evidence
Type Source Name Value Confidence Vendor file name jcl-over-slf4j High Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://www.slf4j.org Low Vendor Manifest bundle-symbolicname jcl.over.slf4j Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Vendor pom artifactid jcl-over-slf4j Low Vendor pom groupid org.slf4j Highest Vendor pom name JCL 1.2 implemented over SLF4J High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name jcl-over-slf4j High Product jar package name 9 Highest Product jar package name apache Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://www.slf4j.org Low Product Manifest Bundle-Name JCL 1.2 implemented over SLF4J Medium Product Manifest bundle-symbolicname jcl.over.slf4j Medium Product Manifest Implementation-Title jcl-over-slf4j High Product Manifest multi-release true Low Product Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Product pom artifactid jcl-over-slf4j Highest Product pom groupid org.slf4j Highest Product pom name JCL 1.2 implemented over SLF4J High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 2.0.17 High Version Manifest Bundle-Version 2.0.17 High Version Manifest Implementation-Version 2.0.17 High Version pom version 2.0.17 Highest
pkg:maven/org.slf4j/jcl-over-slf4j@2.0.17
(Confidence :High)
Description:
Jetty module for Jetty :: IO Utility
License:
http://www.apache.org/licenses/LICENSE-2.0, https://www.eclipse.org/org/documents/epl-v10.php File Path: /home/runner/.m2/repository/org/eclipse/jetty/jetty-io/9.4.58.v20250814/jetty-io-9.4.58.v20250814.jar
MD5: e0a82e5c51fbecba26a129c886be9c1b
SHA1: e198dae4d91fa79d9c1e2e039870d49c487c45cf
SHA256: f55b2cc7c05244fd7b1773e99979b740002b0186e45b8a688243d89c7006fe21
Evidence
Type Source Name Value Confidence Vendor file name jetty-io High Vendor jar package name eclipse Highest Vendor jar package name io Highest Vendor jar package name jetty Highest Vendor Manifest automatic-module-name org.eclipse.jetty.io Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-copyright Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others. Low Vendor Manifest bundle-docurl https://jetty.org/ Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-symbolicname org.eclipse.jetty.io Medium Vendor Manifest Implementation-Vendor Eclipse Jetty Project High Vendor Manifest url https://jetty.org/ Low Vendor pom artifactid jetty-io Low Vendor pom groupid org.eclipse.jetty Highest Vendor pom name Jetty :: IO Utility High Vendor pom parent-artifactid jetty-project Low Product file name jetty-io High Product jar package name eclipse Highest Product jar package name io Highest Product jar package name jetty Highest Product Manifest automatic-module-name org.eclipse.jetty.io Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-copyright Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others. Low Product Manifest bundle-docurl https://jetty.org/ Low Product Manifest Bundle-Name Jetty :: IO Utility Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product Manifest bundle-symbolicname org.eclipse.jetty.io Medium Product Manifest url https://jetty.org/ Low Product pom artifactid jetty-io Highest Product pom groupid org.eclipse.jetty Highest Product pom name Jetty :: IO Utility High Product pom parent-artifactid jetty-project Medium Version file version 9.4.58.v20250814 High Version Manifest Bundle-Version 9.4.58.v20250814 High Version Manifest Implementation-Version 9.4.58.v20250814 High Version pom version 9.4.58.v20250814 Highest
Related Dependencies
jetty-client-9.4.58.v20250814.jar
File Path: /home/runner/.m2/repository/org/eclipse/jetty/jetty-client/9.4.58.v20250814/jetty-client-9.4.58.v20250814.jar
MD5: 6ee877eee4083e81ed1d98edd1dec3b6
SHA1: 4cd34d919db0fa69fc2a0c7a071e826a1aa45d39
SHA256: 629371e5f65f321832930538bd485e5fd637d180412ea75f592881921e2d4b83
pkg:maven/org.eclipse.jetty/jetty-client@9.4.58.v20250814
jetty-http-9.4.58.v20250814.jar
File Path: /home/runner/.m2/repository/org/eclipse/jetty/jetty-http/9.4.58.v20250814/jetty-http-9.4.58.v20250814.jar
MD5: 9946c9ecc8193405df3bcd3120310c60
SHA1: 98c52c56ecc1eedd9e05327f266f35c5ef8bf0c4
SHA256: 8f49b8583fc8dbbfe3a0ba80a04c97df64ebabca2981b56ee403c989aba9d4da
pkg:maven/org.eclipse.jetty/jetty-http@9.4.58.v20250814
jetty-util-9.4.58.v20250814.jar
File Path: /home/runner/.m2/repository/org/eclipse/jetty/jetty-util/9.4.58.v20250814/jetty-util-9.4.58.v20250814.jar
MD5: 653955178a5c765c27d0e68ff5798ba4
SHA1: 4175e2c7b347d31dba112e8a6f168a029a5f4225
SHA256: 8d591679d318d20c8fb2b1e83900562b3c4571ff7a189696be700293e0204146
pkg:maven/org.eclipse.jetty/jetty-util@9.4.58.v20250814
CVE-2025-11143 suppress
The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the URIs differently from one that generates a response. At the very least, differential parsing may divulge implementation details.
CWE-20 Improper Input Validation
CVSSv3:
Base Score: MEDIUM (6.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
Description:
JUL to SLF4J bridge
License:
https://opensource.org/license/mit File Path: /home/runner/.m2/repository/org/slf4j/jul-to-slf4j/2.0.17/jul-to-slf4j-2.0.17.jar
MD5: a42936c56611e4794c42908fb3d3a647
SHA1: 524cb6ccc2b68a57604750e1ab8b13b5a786a6aa
SHA256: a7afcd23b9cfd1475e55c94f943b808c5922035e7e2c2a5c65a487a4106bc538
Evidence
Type Source Name Value Confidence Vendor file name jul-to-slf4j High Vendor jar package name bridge Highest Vendor jar package name slf4j Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://www.slf4j.org Low Vendor Manifest bundle-symbolicname jul.to.slf4j Medium Vendor Manifest multi-release true Low Vendor pom artifactid jul-to-slf4j Low Vendor pom groupid org.slf4j Highest Vendor pom name JUL to SLF4J bridge High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name jul-to-slf4j High Product jar package name bridge Highest Product jar package name slf4j Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://www.slf4j.org Low Product Manifest Bundle-Name JUL to SLF4J bridge Medium Product Manifest bundle-symbolicname jul.to.slf4j Medium Product Manifest Implementation-Title jul-to-slf4j High Product Manifest multi-release true Low Product pom artifactid jul-to-slf4j Highest Product pom groupid org.slf4j Highest Product pom name JUL to SLF4J bridge High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 2.0.17 High Version Manifest Bundle-Version 2.0.17 High Version Manifest Implementation-Version 2.0.17 High Version pom version 2.0.17 Highest
pkg:maven/org.slf4j/jul-to-slf4j@2.0.17
(Confidence :High)
Description:
Efficient ordered map and set.
License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html
File Path: /home/runner/.m2/repository/frankiesardo/linked/1.3.0/linked-1.3.0.jar
MD5: 116a0e136ec5951eaede8a50d08d2617
SHA1: a9e0a8b3fb028b91b6d46305c629dacd63857e9e
SHA256: f952b1d95a5f5cc105ac8ff96656dd12540d5ea28e31f68e101778820f204d3a
Evidence
Type Source Name Value Confidence Vendor file name linked High Vendor pom artifactid linked Low Vendor pom groupid frankiesardo Highest Vendor pom name linked High Vendor pom url frankiesardo/linked Highest Product file name linked High Product pom artifactid linked Highest Product pom groupid frankiesardo Highest Product pom name linked High Product pom url frankiesardo/linked High Version file version 1.3.0 High Version pom version 1.3.0 Highest
pkg:maven/frankiesardo/linked@1.3.0
(Confidence :High)
Description:
Log4j implemented over SLF4J
License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/slf4j/log4j-over-slf4j/2.0.17/log4j-over-slf4j-2.0.17.jar
MD5: ec3cf11fe022ffd852ab84e9b8b69a96
SHA1: 55e55c79a0b89ccc9e411049005c02b7514e0cf9
SHA256: cbf30eaf95357ab7babf9be123da9cc702f0fe83b23392b7a62589d60b5862d1
Evidence
Type Source Name Value Confidence Vendor file name log4j-over-slf4j High Vendor jar package name log4j Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://www.slf4j.org Low Vendor Manifest bundle-symbolicname log4j.over.slf4j Medium Vendor Manifest multi-release true Low Vendor pom artifactid log4j-over-slf4j Low Vendor pom groupid org.slf4j Highest Vendor pom name Log4j Implemented Over SLF4J High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name log4j-over-slf4j High Product jar package name log4j Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://www.slf4j.org Low Product Manifest Bundle-Name Log4j Implemented Over SLF4J Medium Product Manifest bundle-symbolicname log4j.over.slf4j Medium Product Manifest Implementation-Title log4j-over-slf4j High Product Manifest multi-release true Low Product pom artifactid log4j-over-slf4j Highest Product pom groupid org.slf4j Highest Product pom name Log4j Implemented Over SLF4J High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 2.0.17 High Version Manifest Bundle-Version 2.0.17 High Version Manifest Implementation-Version 2.0.17 High Version pom version 2.0.17 Highest
pkg:maven/org.slf4j/log4j-over-slf4j@2.0.17
(Confidence :High)
Description:
logback-core module
License:
http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html File Path: /home/runner/.m2/repository/ch/qos/logback/logback-core/1.5.22/logback-core-1.5.22.jar
MD5: a001d8dfa6910cbeb38fa7714778a046
SHA1: 7c3ee4420b36bd499fa4f9f18a81d54a64fe0218
SHA256: 7561b7a525364612966ff3823f8c62a81a3262742d455301f479273ef55570b8
Evidence
Type Source Name Value Confidence Vendor file name logback-core High Vendor jar package name ch Highest Vendor jar package name core Highest Vendor jar package name logback Highest Vendor jar package name qos Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://www.qos.ch Low Vendor Manifest bundle-symbolicname ch.qos.logback.core Medium Vendor Manifest Implementation-Vendor QOS.ch High Vendor Manifest multi-release true Low Vendor Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Vendor Manifest specification-vendor QOS.ch Low Vendor pom artifactid logback-core Low Vendor pom groupid ch.qos.logback Highest Vendor pom name Logback Core Module High Vendor pom parent-artifactid logback-parent Low Product file name logback-core High Product jar package name 21 Highest Product jar package name ch Highest Product jar package name core Highest Product jar package name logback Highest Product jar package name qos Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://www.qos.ch Low Product Manifest Bundle-Name Logback Core Module Medium Product Manifest bundle-symbolicname ch.qos.logback.core Medium Product Manifest Implementation-Title Logback Core Module High Product Manifest multi-release true Low Product Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Product Manifest specification-title Logback Core Module Medium Product pom artifactid logback-core Highest Product pom groupid ch.qos.logback Highest Product pom name Logback Core Module High Product pom parent-artifactid logback-parent Medium Version file version 1.5.22 High Version Manifest Bundle-Version 1.5.22 High Version Manifest Implementation-Version 1.5.22 High Version pom version 1.5.22 Highest
Related Dependencies
logback-classic-1.5.22.jar
File Path: /home/runner/.m2/repository/ch/qos/logback/logback-classic/1.5.22/logback-classic-1.5.22.jar
MD5: eeb5c0f0a24fd772111fab1dd559038d
SHA1: b5212de704deea1a38a41a2bf8de274e7c9cd653
SHA256: 875f31c4b4dc49808e503490701a21cee3e7279800d9c76601da82685342e54b
pkg:maven/ch.qos.logback/logback-classic@1.5.22
Description:
A library (and application examples) of stochastic discrete-time Markov Chains (DTMC) in Clojure
License:
The MIT License (MIT): http://opensource.org/licenses/MIT
File Path: /home/runner/.m2/repository/rm-hull/markov-chains/0.1.1/markov-chains-0.1.1.jar
MD5: fe09104ac559adb0da1367b904ce70b7
SHA1: 3fd0d4c4dc53345b1c55f764f27fe157f792d69b
SHA256: 441c1da2d134e2ba63d4efbe706f58704edd5cfeb28cd1641c213e04b18bac4f
Evidence
Type Source Name Value Confidence Vendor file name markov-chains High Vendor pom artifactid markov-chains Low Vendor pom groupid rm-hull Highest Vendor pom name markov-chains High Vendor pom url rm-hull/markov-chains Highest Product file name markov-chains High Product pom artifactid markov-chains Highest Product pom groupid rm-hull Highest Product pom name markov-chains High Product pom url rm-hull/markov-chains High Version file version 0.1.1 High Version pom version 0.1.1 Highest
pkg:maven/rm-hull/markov-chains@0.1.1
(Confidence :High)
Description:
managing Clojure and ClojureScript app state since (reset)
License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html
File Path: /home/runner/.m2/repository/mount/mount/0.1.23/mount-0.1.23.jar
MD5: e05e8dfcf58c72d3076f4a445b4dcba4
SHA1: 8d25e82c18c07d90a365dbab7abc9ac88d464f58
SHA256: cf71918bc8e44098d9b58a962a9d7a52d38dd1e92fb9149d347aaf35e54a82be
Evidence
Type Source Name Value Confidence Vendor file name mount High Vendor pom artifactid mount Low Vendor pom developer name tolitius Medium Vendor pom groupid mount Highest Vendor pom name mount High Vendor pom url tolitius/mount Highest Product file name mount High Product pom artifactid mount Highest Product pom developer name tolitius Low Product pom groupid mount Highest Product pom name mount High Product pom url tolitius/mount High Version file version 0.1.23 High Version pom version 0.1.23 Highest
pkg:maven/mount/mount@0.1.23
(Confidence :High)
Description:
A library for handling and routing Discord interactions
License:
MIT License: https://mit-license.org
File Path: /home/runner/.m2/repository/com/github/johnnyjayjay/slash/0.6.1-SNAPSHOT/slash-0.6.1-SNAPSHOT.jar
MD5: 767b85763ca68091a9adfb2077b92aae
SHA1: 066e8d320d1c1c713b54df2fd4944ada4a2fe3eb
SHA256: 4df07f01e439471f46fbe43dc4bf189fdd27c492177b5d1d222b8c9895d11797
Evidence
Type Source Name Value Confidence Vendor file name slash High Vendor Manifest leiningen-project-artifactid slash Low Vendor pom artifactid slash Low Vendor pom groupid com.github.johnnyjayjay Highest Vendor pom name slash High Vendor pom url JohnnyJayJay/slash Highest Product file name slash High Product Manifest leiningen-project-artifactid slash Low Product pom artifactid slash Highest Product pom groupid com.github.johnnyjayjay Highest Product pom name slash High Product pom url JohnnyJayJay/slash High Version Manifest leiningen-project-version 0.6.1-SNAPSHOT Medium Version pom version 0.6.1-SNAPSHOT Highest
pkg:maven/com.github.johnnyjayjay/slash@0.6.1-SNAPSHOT
(Confidence :High)
Description:
The slf4j API
License:
https://opensource.org/license/mit File Path: /home/runner/.m2/repository/org/slf4j/slf4j-api/2.0.17/slf4j-api-2.0.17.jar
MD5: b6480d114a23683498ac3f746f959d2f
SHA1: d9e58ac9c7779ba3bf8142aff6c830617a7fe60f
SHA256: 7b751d952061954d5abfed7181c1f645d336091b679891591d63329c622eb832
Evidence
Type Source Name Value Confidence Vendor file name slf4j-api High Vendor jar package name slf4j Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://www.slf4j.org Low Vendor Manifest bundle-symbolicname slf4j.api Medium Vendor Manifest multi-release true Low Vendor pom artifactid slf4j-api Low Vendor pom groupid org.slf4j Highest Vendor pom name SLF4J API Module High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name slf4j-api High Product jar package name slf4j Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://www.slf4j.org Low Product Manifest Bundle-Name SLF4J API Module Medium Product Manifest bundle-symbolicname slf4j.api Medium Product Manifest Implementation-Title slf4j-api High Product Manifest multi-release true Low Product pom artifactid slf4j-api Highest Product pom groupid org.slf4j Highest Product pom name SLF4J API Module High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 2.0.17 High Version Manifest Bundle-Version 2.0.17 High Version Manifest Implementation-Version 2.0.17 High Version pom version 2.0.17 Highest
pkg:maven/org.slf4j/slf4j-api@2.0.17
(Confidence :High)
Description:
Specification of data and functions
License:
Eclipse Public License 1.0: https://opensource.org/license/epl-1-0/
File Path: /home/runner/.m2/repository/org/clojure/spec.alpha/0.5.238/spec.alpha-0.5.238.jar
MD5: 9f5ea5239dc04d6a8115add1e4f5f23a
SHA1: 4eb5dea521c4e6e1f68c2c47517f14a922003e60
SHA256: 94cd99b6ea639641f37af4860a643b6ed399ee5a8be5d717cff0b663c8d75077
Evidence
Type Source Name Value Confidence Vendor file name spec.alpha High Vendor jar package name alpha Highest Vendor jar package name clojure Highest Vendor jar package name clojure Low Vendor jar package name spec Highest Vendor jar package name spec Low Vendor pom artifactid spec.alpha Low Vendor pom developer id richhickey Medium Vendor pom developer name Rich Hickey Medium Vendor pom groupid org.clojure Highest Vendor pom name spec.alpha High Vendor pom parent-artifactid pom.contrib Low Product file name spec.alpha High Product jar package name alpha Highest Product jar package name clojure Highest Product jar package name spec Highest Product jar package name spec Low Product pom artifactid spec.alpha Highest Product pom developer id richhickey Low Product pom developer name Rich Hickey Low Product pom groupid org.clojure Highest Product pom name spec.alpha High Product pom parent-artifactid pom.contrib Medium Version file version 0.5.238 High Version pom parent-version 0.5.238 Low Version pom version 0.5.238 Highest
pkg:maven/org.clojure/spec.alpha@0.5.238
(Confidence :High)
Description:
Simple ANSI text progress indicators for command line Clojure apps.
License:
MPL-2.0: https://www.mozilla.org/en-US/MPL/2.0/
File Path: /home/runner/.m2/repository/com/github/pmonks/spinner/2.0.297/spinner-2.0.297.jar
MD5: e2bfaef26c099726d2ffcad5bd78abba
SHA1: cf888bfafd5bf1d4b57436983e6106c115330b6c
SHA256: b48d8f674950695fe9b20c5bbd21c7672377b8861538731244e50e86dcb66ccc
Evidence
Type Source Name Value Confidence Vendor file name spinner High Vendor Manifest build-jdk-spec 25 Low Vendor pom artifactid spinner Low Vendor pom developer email pmonks+spinner@gmail.com Low Vendor pom developer id pmonks Medium Vendor pom developer name Peter Monks Medium Vendor pom groupid com.github.pmonks Highest Vendor pom name spinner High Vendor pom url pmonks/spinner Highest Product file name spinner High Product Manifest build-jdk-spec 25 Low Product pom artifactid spinner Highest Product pom developer email pmonks+spinner@gmail.com Low Product pom developer id pmonks Low Product pom developer name Peter Monks Low Product pom groupid com.github.pmonks Highest Product pom name spinner High Product pom url pmonks/spinner High Version file version 2.0.297 High Version pom version 2.0.297 Highest
pkg:maven/com.github.pmonks/spinner@2.0.297
(Confidence :High)
Description:
Stream-to-stream JSON string encoding
License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html
File Path: /home/runner/.m2/repository/tigris/tigris/0.1.2/tigris-0.1.2.jar
MD5: 5f33b5d6ca167cc92fb782b7d876262c
SHA1: a122db758561d995a83cbb40f252b64d8b0f506e
SHA256: 49aa648edb6c14e57095a11b391eaee606578323fb79755f92331ac6300f97a0
Evidence
Type Source Name Value Confidence Vendor file name tigris High Vendor jar package name tigris Highest Vendor jar package name tigris Low Vendor jar package name writequit Low Vendor pom artifactid tigris Low Vendor pom groupid tigris Highest Vendor pom name tigris High Vendor pom url dakrone/tigris Highest Product file name tigris High Product jar package name jsonstringescapinginputstream Low Product jar package name tigris Highest Product jar package name tigris Low Product pom artifactid tigris Highest Product pom groupid tigris Highest Product pom name tigris High Product pom url dakrone/tigris High Version file version 0.1.2 High Version pom version 0.1.2 Highest
pkg:maven/tigris/tigris@0.1.2
(Confidence :High)
Description:
An analyzer for Clojure code, written in Clojure and producing AST in EDN
File Path: /home/runner/.m2/repository/org/clojure/tools.analyzer/1.2.0/tools.analyzer-1.2.0.jarMD5: ddc1a592cfc5ce14a2b848c7523e81d4SHA1: c74b1c275ff3fc505b1e13dd0fe85c83e8aa202cSHA256: 7801a5a7ef4fd77f560c30a638594447c3aa71ee78b7f088553b7919bd0033bb
Evidence
Type Source Name Value Confidence Vendor file name tools.analyzer High Vendor pom artifactid tools.analyzer Low Vendor pom developer id bronsa Medium Vendor pom developer name Nicola Mometto Medium Vendor pom groupid org.clojure Highest Vendor pom name tools.analyzer High Vendor pom parent-artifactid pom.contrib Low Product file name tools.analyzer High Product pom artifactid tools.analyzer Highest Product pom developer id bronsa Low Product pom developer name Nicola Mometto Low Product pom groupid org.clojure Highest Product pom name tools.analyzer High Product pom parent-artifactid pom.contrib Medium Version file version 1.2.0 High Version pom version 1.2.0 Highest
pkg:maven/org.clojure/tools.analyzer@1.2.0
(Confidence :High)
Description:
Additional jvm-specific passes for tools.analyzer
File Path: /home/runner/.m2/repository/org/clojure/tools.analyzer.jvm/1.3.2/tools.analyzer.jvm-1.3.2.jarMD5: 9e5a388bc9ef6f9ab6e3643df0cb45a5SHA1: 0cf3cb32a9c0d5292645c8ba760f5e502fa0125eSHA256: d8a2d59205a21281f305f3d5439ffc302182c307f9be962a76ce814a6620693d
Evidence
Type Source Name Value Confidence Vendor file name tools.analyzer.jvm High Vendor pom artifactid tools.analyzer.jvm Low Vendor pom developer id bronsa Medium Vendor pom developer name Nicola Mometto Medium Vendor pom groupid org.clojure Highest Vendor pom name tools.analyzer.jvm High Vendor pom parent-artifactid pom.contrib Low Product file name tools.analyzer.jvm High Product pom artifactid tools.analyzer.jvm Highest Product pom developer id bronsa Low Product pom developer name Nicola Mometto Low Product pom groupid org.clojure Highest Product pom name tools.analyzer.jvm High Product pom parent-artifactid pom.contrib Medium Version file version 1.3.2 High Version pom parent-version 1.3.2 Low Version pom version 1.3.2 Highest
pkg:maven/org.clojure/tools.analyzer.jvm@1.3.2
(Confidence :High)
File Path: /home/runner/.m2/repository/org/clojure/tools.cli/1.2.245/tools.cli-1.2.245.jarMD5: fb5b5609d0642b5f8e32017214185c34SHA1: 3c06e80cae3c5162f60fa7c49e1f8b227396f80bSHA256: 7f100dc125c744e8038524d286ec22a18bfed14c42e7e1b66500e8c3d432c151
Evidence
Type Source Name Value Confidence Vendor file name tools.cli High Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid tools.cli Low Vendor pom developer name Gareth Jones Medium Vendor pom developer name Sean Corfield Medium Vendor pom developer name Sung Pae Medium Vendor pom groupid org.clojure Highest Vendor pom name tools.cli High Vendor pom parent-artifactid pom.contrib Low Product file name tools.cli High Product Manifest build-jdk-spec 1.8 Low Product pom artifactid tools.cli Highest Product pom developer name Gareth Jones Low Product pom developer name Sean Corfield Low Product pom developer name Sung Pae Low Product pom groupid org.clojure Highest Product pom name tools.cli High Product pom parent-artifactid pom.contrib Medium Version file version 1.2.245 High Version pom parent-version 1.2.245 Low Version pom version 1.2.245 Highest
pkg:maven/org.clojure/tools.cli@1.2.245
(Confidence :High)
File Path: /home/runner/.m2/repository/org/clojure/tools.logging/1.3.0/tools.logging-1.3.0.jarMD5: b6b3c2ffeb27a25eab2d6e0e3a6e6b57SHA1: 07d45477c1b61230b0d1fcf36afccc02155a4b32SHA256: 826969b78d9ada327de6b7da0f176457d95614fa38c280326610f31a6b515c91
Evidence
Type Source Name Value Confidence Vendor file name tools.logging High Vendor pom artifactid tools.logging Low Vendor pom developer name Alex Taggart Medium Vendor pom groupid org.clojure Highest Vendor pom name tools.logging High Vendor pom parent-artifactid pom.contrib Low Product file name tools.logging High Product pom artifactid tools.logging Highest Product pom developer name Alex Taggart Low Product pom groupid org.clojure Highest Product pom name tools.logging High Product pom parent-artifactid pom.contrib Medium Version file version 1.3.0 High Version pom parent-version 1.3.0 Low Version pom version 1.3.0 Highest
pkg:maven/org.clojure/tools.logging@1.3.0
(Confidence :High)
cpe:2.3:a:alex_project:alex:1.3.0:*:*:*:*:*:*:*
(Confidence :Low)
suppress
Description:
A Clojure reader in Clojure
License:
Eclipse Public License 1.0: https://opensource.org/license/epl-1-0/
File Path: /home/runner/.m2/repository/org/clojure/tools.reader/1.5.0/tools.reader-1.5.0.jar
MD5: 90aeb9ddb25d485920ff3fd248315d54
SHA1: 4149c49bec1f3614f76b13c0a81797cfabef112e
SHA256: bfc8f709efb843f2ccc4daa93e2842ceb86e7b8d11d5544dc0ee68b6a0f4db3c
Evidence
Type Source Name Value Confidence Vendor file name tools.reader High Vendor pom artifactid tools.reader Low Vendor pom developer id Bronsa Medium Vendor pom developer name Nicola Mometto Medium Vendor pom groupid org.clojure Highest Vendor pom name tools.reader High Vendor pom parent-artifactid pom.contrib Low Vendor pom url clojure/tools.reader Highest Product file name tools.reader High Product pom artifactid tools.reader Highest Product pom developer id Bronsa Low Product pom developer name Nicola Mometto Low Product pom groupid org.clojure Highest Product pom name tools.reader High Product pom parent-artifactid pom.contrib Medium Product pom url clojure/tools.reader High Version file version 1.5.0 High Version pom parent-version 1.5.0 Low Version pom version 1.5.0 Highest
pkg:maven/org.clojure/tools.reader@1.5.0
(Confidence :High)
Description:
Jetty module for Jetty :: Websocket :: API
License:
http://www.apache.org/licenses/LICENSE-2.0, https://www.eclipse.org/org/documents/epl-v10.php File Path: /home/runner/.m2/repository/org/eclipse/jetty/websocket/websocket-api/9.4.58.v20250814/websocket-api-9.4.58.v20250814.jar
MD5: 9e727b200ea070b382dab0522f366510
SHA1: 8375bc732739de33bbe164989d37576762eaa38d
SHA256: 213d146065ebf2cbfa8a9c06b4cdfe79f94c0af3f93c15d9e67c0e3af015067f
Evidence
Type Source Name Value Confidence Vendor file name websocket-api High Vendor jar package name api Highest Vendor jar package name eclipse Highest Vendor jar package name jetty Highest Vendor jar package name websocket Highest Vendor Manifest automatic-module-name org.eclipse.jetty.websocket.api Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-copyright Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others. Low Vendor Manifest bundle-docurl https://jetty.org/ Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-symbolicname org.eclipse.jetty.websocket.api Medium Vendor Manifest Implementation-Vendor Eclipse Jetty Project High Vendor Manifest url https://jetty.org/ Low Vendor pom artifactid websocket-api Low Vendor pom groupid org.eclipse.jetty.websocket Highest Vendor pom name Jetty :: Websocket :: API High Vendor pom parent-artifactid websocket-parent Low Product file name websocket-api High Product jar package name api Highest Product jar package name eclipse Highest Product jar package name jetty Highest Product jar package name websocket Highest Product Manifest automatic-module-name org.eclipse.jetty.websocket.api Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-copyright Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others. Low Product Manifest bundle-docurl https://jetty.org/ Low Product Manifest Bundle-Name Jetty :: Websocket :: API Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product Manifest bundle-symbolicname org.eclipse.jetty.websocket.api Medium Product Manifest url https://jetty.org/ Low Product pom artifactid websocket-api Highest Product pom groupid org.eclipse.jetty.websocket Highest Product pom name Jetty :: Websocket :: API High Product pom parent-artifactid websocket-parent Medium Version file version 9.4.58.v20250814 High Version Manifest Bundle-Version 9.4.58.v20250814 High Version Manifest Implementation-Version 9.4.58.v20250814 High Version pom version 9.4.58.v20250814 Highest
Description:
Jetty module for Jetty :: Websocket :: Client
License:
http://www.apache.org/licenses/LICENSE-2.0, https://www.eclipse.org/org/documents/epl-v10.php File Path: /home/runner/.m2/repository/org/eclipse/jetty/websocket/websocket-client/9.4.58.v20250814/websocket-client-9.4.58.v20250814.jar
MD5: 0e6e61895792fcba7584a46b45995b2d
SHA1: def27af0dc52086738483191761bd8edd08ff625
SHA256: fdb8648fb1139ab001c8d5ebc4f3ab5baf007f48bd86ec2969c504ac3011f878
Evidence
Type Source Name Value Confidence Vendor file name websocket-client High Vendor jar package name client Highest Vendor jar package name eclipse Highest Vendor jar package name jetty Highest Vendor jar package name websocket Highest Vendor Manifest automatic-module-name org.eclipse.jetty.websocket.client Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-copyright Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others. Low Vendor Manifest bundle-docurl https://jetty.org/ Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-symbolicname org.eclipse.jetty.websocket.client Medium Vendor Manifest Implementation-Vendor Eclipse Jetty Project High Vendor Manifest url https://jetty.org/ Low Vendor pom artifactid websocket-client Low Vendor pom groupid org.eclipse.jetty.websocket Highest Vendor pom name Jetty :: Websocket :: Client High Vendor pom parent-artifactid websocket-parent Low Product file name websocket-client High Product jar package name client Highest Product jar package name eclipse Highest Product jar package name jetty Highest Product jar package name websocket Highest Product Manifest automatic-module-name org.eclipse.jetty.websocket.client Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-copyright Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others. Low Product Manifest bundle-docurl https://jetty.org/ Low Product Manifest Bundle-Name Jetty :: Websocket :: Client Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product Manifest bundle-symbolicname org.eclipse.jetty.websocket.client Medium Product Manifest url https://jetty.org/ Low Product pom artifactid websocket-client Highest Product pom groupid org.eclipse.jetty.websocket Highest Product pom name Jetty :: Websocket :: Client High Product pom parent-artifactid websocket-parent Medium Version file version 9.4.58.v20250814 High Version Manifest Bundle-Version 9.4.58.v20250814 High Version Manifest Implementation-Version 9.4.58.v20250814 High Version pom version 9.4.58.v20250814 Highest
CVE-2025-11143 suppress
The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the URIs differently from one that generates a response. At the very least, differential parsing may divulge implementation details.
CWE-20 Improper Input Validation
CVSSv3:
Base Score: MEDIUM (6.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
Description:
Jetty module for Jetty :: Websocket :: Common
License:
http://www.apache.org/licenses/LICENSE-2.0, https://www.eclipse.org/org/documents/epl-v10.php File Path: /home/runner/.m2/repository/org/eclipse/jetty/websocket/websocket-common/9.4.58.v20250814/websocket-common-9.4.58.v20250814.jar
MD5: 3bd0ba23faeca12f9fa9015bd83598a3
SHA1: 35d5d3b947643920cfcf82f02d0c139a7c338c5a
SHA256: 07c62b7ceaff2d7160aff98b912f28da9f2c66ed7adec972e39af5176afec1ae
Evidence
Type Source Name Value Confidence Vendor file name websocket-common High Vendor jar package name common Highest Vendor jar package name eclipse Highest Vendor jar package name jetty Highest Vendor jar package name websocket Highest Vendor Manifest automatic-module-name org.eclipse.jetty.websocket.common Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-copyright Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others. Low Vendor Manifest bundle-docurl https://jetty.org/ Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-symbolicname org.eclipse.jetty.websocket.common Medium Vendor Manifest Implementation-Vendor Eclipse Jetty Project High Vendor Manifest provide-capability osgi.serviceloader;osgi.serviceloader="org.eclipse.jetty.websocket.api.extensions.Extension" Low Vendor Manifest url https://jetty.org/ Low Vendor pom artifactid websocket-common Low Vendor pom groupid org.eclipse.jetty.websocket Highest Vendor pom name Jetty :: Websocket :: Common High Vendor pom parent-artifactid websocket-parent Low Product file name websocket-common High Product jar package name common Highest Product jar package name eclipse Highest Product jar package name jetty Highest Product jar package name websocket Highest Product Manifest automatic-module-name org.eclipse.jetty.websocket.common Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-copyright Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others. Low Product Manifest bundle-docurl https://jetty.org/ Low Product Manifest Bundle-Name Jetty :: Websocket :: Common Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product Manifest bundle-symbolicname org.eclipse.jetty.websocket.common Medium Product Manifest provide-capability osgi.serviceloader;osgi.serviceloader="org.eclipse.jetty.websocket.api.extensions.Extension" Low Product Manifest url https://jetty.org/ Low Product pom artifactid websocket-common Highest Product pom groupid org.eclipse.jetty.websocket Highest Product pom name Jetty :: Websocket :: Common High Product pom parent-artifactid websocket-parent Medium Version file version 9.4.58.v20250814 High Version Manifest Bundle-Version 9.4.58.v20250814 High Version Manifest Implementation-Version 9.4.58.v20250814 High Version pom version 9.4.58.v20250814 Highest
CVE-2025-11143 suppress
The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the URIs differently from one that generates a response. At the very least, differential parsing may divulge implementation details.
CWE-20 Improper Input Validation
CVSSv3:
Base Score: MEDIUM (6.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )