Dependency-Check Report

Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

Scan Information (show all):

dependency-check version: 12.1.3
Report Generated On: Tue, 16 Sep 2025 02:56:08 GMT
Dependencies Scanned: 54 (50 unique)
Vulnerable Dependencies: 1
Vulnerabilities Found: 1
Vulnerabilities Suppressed: 0
...
NVD API Last Checked: 2025-09-16T02:55:58Z
NVD API Last Modified: 2025-09-15T23:15:39Z

Summary

Summary of Vulnerable Dependencies (click to show all)

Dependency	Vulnerability IDs	Package	Highest Severity	CVE Count	Confidence	Evidence Count
aero-1.1.6.jar		pkg:maven/aero/aero@1.1.6		0		17
asm-9.2.jar		pkg:maven/org.ow2.asm/asm@9.2		0		52
camel-snake-kebab-0.4.3.jar		pkg:maven/camel-snake-kebab/camel-snake-kebab@0.4.3		0		12
cheshire-6.1.0.jar		pkg:maven/cheshire/cheshire@6.1.0		0		19
clj-2253-0.1.0.jar		pkg:maven/org.clojars.pmonks/clj-2253@0.1.0		0		12
clj-wcwidth-1.0.125.jar		pkg:maven/com.github.pmonks/clj-wcwidth@1.0.125		0		20
clojure-1.12.2.jar	cpe:2.3:a:clojure:clojure:1.12.2:::::::*	pkg:maven/org.clojure/clojure@1.12.2		0	Highest	22
clojure.java-time-1.4.3.jar	cpe:2.3:a:time_project:time:1.4.3:::::::*	pkg:maven/clojure.java-time/clojure.java-time@1.4.3		0	Highest	17
commons-beanutils-1.11.0.jar	cpe:2.3:a:apache:commons_beanutils:1.11.0:::::::*	pkg:maven/commons-beanutils/commons-beanutils@1.11.0		0	Highest	169
commons-collections-3.2.2.jar	cpe:2.3:a:apache:commons_collections:3.2.2:::::::*	pkg:maven/commons-collections/commons-collections@3.2.2		0	Highest	83
commons-digester-2.1.jar		pkg:maven/commons-digester/commons-digester@2.1		0		97
commons-logging-1.3.5.jar		pkg:maven/commons-logging/commons-logging@1.3.5		0		128
commons-validator-1.10.0.jar		pkg:maven/commons-validator/commons-validator@1.10.0		0		129
core.async-1.8.741.jar		pkg:maven/org.clojure/core.async@1.8.741		0		21
core.cache-1.1.234.jar		pkg:maven/org.clojure/core.cache@1.1.234		0		17
core.memoize-1.1.266.jar		pkg:maven/org.clojure/core.memoize@1.1.266		0		17
core.specs.alpha-0.4.74.jar	cpe:2.3:a:alex_project:alex:0.4.74:::::::*	pkg:maven/org.clojure/core.specs.alpha@0.4.74		0	Low	17
data.json-2.3.1.jar		pkg:maven/org.clojure/data.json@2.3.1		0		19
data.priority-map-1.2.0.jar		pkg:maven/org.clojure/data.priority-map@1.2.0		0		14
discljord-1.3.1.jar		pkg:maven/com.github.discljord/discljord@1.3.1		0		12
embroidery-1.0.44.jar		pkg:maven/com.github.pmonks/embroidery@1.0.44		0		20
gniazdo-1.2.2.jar		pkg:maven/stylefruits/gniazdo@1.2.2		0		17
hato-1.0.0.jar		pkg:maven/hato/hato@1.0.0		0		17
http-kit-2.8.1.jar		pkg:maven/http-kit/http-kit@2.8.1		0		21
jackson-core-2.20.0.jar	cpe:2.3:a:fasterxml:jackson-modules-java8:2.20.0:::::::*	pkg:maven/com.fasterxml.jackson.core/jackson-core@2.20.0		0	Low	46
jackson-dataformat-cbor-2.20.0.jar	cpe:2.3:a:fasterxml:jackson-dataformats-binary:2.20.0:::::::*	pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-cbor@2.20.0		0	Low	38
jansi-2.4.1.jar		pkg:maven/org.fusesource.jansi/jansi@2.4.1		0		49
jansi-clj-1.0.5.jar		pkg:maven/jansi-clj/jansi-clj@1.0.5		0		17
jcl-over-slf4j-2.0.17.jar		pkg:maven/org.slf4j/jcl-over-slf4j@2.0.17		0		30
jetty-http-9.4.58.v20250814.jar	cpe:2.3:a:eclipse:jetty:9.4.58:20250814:::::: cpe:2.3:a:jetty:jetty:9.4.58:20250814:::::: cpe:2.3:a:mortbay_jetty:jetty:9.4.58:20250814::::::	pkg:maven/org.eclipse.jetty/jetty-http@9.4.58.v20250814	MEDIUM	1	Highest	39
jetty-io-9.4.58.v20250814.jar	cpe:2.3:a:eclipse:jetty:9.4.58:20250814:::::: cpe:2.3:a:jetty:jetty:9.4.58:20250814:::::: cpe:2.3:a:mortbay_jetty:jetty:9.4.58:20250814::::::	pkg:maven/org.eclipse.jetty/jetty-io@9.4.58.v20250814		0	Highest	36
jul-to-slf4j-2.0.17.jar		pkg:maven/org.slf4j/jul-to-slf4j@2.0.17		0		30
linked-1.3.0.jar		pkg:maven/frankiesardo/linked@1.3.0		0		12
log4j-over-slf4j-2.0.17.jar		pkg:maven/org.slf4j/log4j-over-slf4j@2.0.17		0		28
logback-core-1.5.18.jar	cpe:2.3:a:qos:logback:1.5.18:::::::*	pkg:maven/ch.qos.logback/logback-core@1.5.18		0	Highest	38
markov-chains-0.1.1.jar		pkg:maven/rm-hull/markov-chains@0.1.1		0		12
mount-0.1.23.jar		pkg:maven/mount/mount@0.1.23		0		14
slash-0.6.1-SNAPSHOT.jar		pkg:maven/com.github.johnnyjayjay/slash@0.6.1-SNAPSHOT		0		14
slf4j-api-2.0.17.jar		pkg:maven/org.slf4j/slf4j-api@2.0.17		0		28
spec.alpha-0.5.238.jar		pkg:maven/org.clojure/spec.alpha@0.5.238		0		26
spinner-2.0.284.jar		pkg:maven/com.github.pmonks/spinner@2.0.284		0		20
tigris-0.1.2.jar		pkg:maven/tigris/tigris@0.1.2		0		18
tools.analyzer-1.2.0.jar		pkg:maven/org.clojure/tools.analyzer@1.2.0		0		16
tools.analyzer.jvm-1.3.2.jar		pkg:maven/org.clojure/tools.analyzer.jvm@1.3.2		0		17
tools.cli-1.1.230.jar		pkg:maven/org.clojure/tools.cli@1.1.230		0		19
tools.logging-1.3.0.jar	cpe:2.3:a:alex_project:alex:1.3.0:::::::*	pkg:maven/org.clojure/tools.logging@1.3.0		0	Low	15
tools.reader-1.5.0.jar		pkg:maven/org.clojure/tools.reader@1.5.0		0		19
websocket-api-9.4.58.v20250814.jar	cpe:2.3:a:mortbay_jetty:jetty:9.4.58:20250814::::::	pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.58.v20250814		0	Highest	38
websocket-client-9.4.58.v20250814.jar	cpe:2.3:a:eclipse:jetty:9.4.58:20250814:::::: cpe:2.3:a:jetty:jetty:9.4.58:20250814:::::: cpe:2.3:a:mortbay_jetty:jetty:9.4.58:20250814::::::	pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.58.v20250814		0	Highest	38
websocket-common-9.4.58.v20250814.jar	cpe:2.3:a:eclipse:jetty:9.4.58:20250814:::::: cpe:2.3:a:jetty:jetty:9.4.58:20250814:::::: cpe:2.3:a:mortbay_jetty:jetty:9.4.58:20250814:::::: cpe:2.3:a:websocket-extensions_project:websocket-extensions:9.4.58:20250814::::::	pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.58.v20250814		0	Highest	40

Dependencies (vulnerable)

aero-1.1.6.jar

Description:

A small library for explicit, intentful configuration.

License:

The MIT License: http://opensource.org/licenses/MIT

File Path: /home/runner/.m2/repository/aero/aero/1.1.6/aero-1.1.6.jar
MD5: b23b46d2bc5fa3b636a2cb40410c1426
SHA1: dc5114c3a8905f61431c4f9dd068a9c919e731ce
SHA256:f4b0a9272da50c8091c5529c9fe355c47234f1eeb95fe92296e2c23f787f3d22

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	aero	High
Vendor	Manifest	leiningen-project-artifactid	aero	Low
Vendor	Manifest	leiningen-project-groupid	aero	Low
Vendor	pom	artifactid	aero	Low
Vendor	pom	groupid	aero	Highest
Vendor	pom	name	aero	High
Vendor	pom	url	http://github.com/juxt/aero	Highest
Product	file	name	aero	High
Product	Manifest	leiningen-project-artifactid	aero	Low
Product	Manifest	leiningen-project-groupid	aero	Low
Product	pom	artifactid	aero	Highest
Product	pom	groupid	aero	Highest
Product	pom	name	aero	High
Product	pom	url	http://github.com/juxt/aero	Medium
Version	file	version	1.1.6	High
Version	Manifest	leiningen-project-version	1.1.6	Medium
Version	pom	version	1.1.6	Highest

Identifiers

pkg:maven/aero/aero@1.1.6 (Confidence:High)

asm-9.2.jar

Description:

ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html

File Path: /home/runner/.m2/repository/org/ow2/asm/asm/9.2/asm-9.2.jar
MD5: 8f184dce9b1bedc675d4a3640d43ddf0
SHA1: 81a03f76019c67362299c40e0ba13405f5467bff
SHA256:b9d4fe4d71938df38839f0eca42aaaa64cf8b313d678da036f0cb3ca199b47f5

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	asm	High
Vendor	jar	package name	asm	Highest
Vendor	jar	package name	objectweb	Highest
Vendor	Manifest	bundle-docurl	http://asm.ow2.org	Low
Vendor	Manifest	bundle-requiredexecutionenvironment	J2SE-1.5	Low
Vendor	Manifest	bundle-symbolicname	org.objectweb.asm	Medium
Vendor	pom	artifactid	asm	Low
Vendor	pom	developer email	ebruneton@free.fr	Low
Vendor	pom	developer email	eu@javatx.org	Low
Vendor	pom	developer email	forax@univ-mlv.fr	Low
Vendor	pom	developer id	ebruneton	Medium
Vendor	pom	developer id	eu	Medium
Vendor	pom	developer id	forax	Medium
Vendor	pom	developer name	Eric Bruneton	Medium
Vendor	pom	developer name	Eugene Kuleshov	Medium
Vendor	pom	developer name	Remi Forax	Medium
Vendor	pom	groupid	org.ow2.asm	Highest
Vendor	pom	name	asm	High
Vendor	pom	organization name	OW2	High
Vendor	pom	organization url	http://www.ow2.org/	Medium
Vendor	pom	parent-artifactid	ow2	Low
Vendor	pom	parent-groupid	org.ow2	Medium
Vendor	pom	url	http://asm.ow2.io/	Highest
Product	file	name	asm	High
Product	jar	package name	asm	Highest
Product	jar	package name	objectweb	Highest
Product	Manifest	bundle-docurl	http://asm.ow2.org	Low
Product	Manifest	Bundle-Name	org.objectweb.asm	Medium
Product	Manifest	bundle-requiredexecutionenvironment	J2SE-1.5	Low
Product	Manifest	bundle-symbolicname	org.objectweb.asm	Medium
Product	Manifest	Implementation-Title	ASM, a very small and fast Java bytecode manipulation framework	High
Product	pom	artifactid	asm	Highest
Product	pom	developer email	ebruneton@free.fr	Low
Product	pom	developer email	eu@javatx.org	Low
Product	pom	developer email	forax@univ-mlv.fr	Low
Product	pom	developer id	ebruneton	Low
Product	pom	developer id	eu	Low
Product	pom	developer id	forax	Low
Product	pom	developer name	Eric Bruneton	Low
Product	pom	developer name	Eugene Kuleshov	Low
Product	pom	developer name	Remi Forax	Low
Product	pom	groupid	org.ow2.asm	Highest
Product	pom	name	asm	High
Product	pom	organization name	OW2	Low
Product	pom	organization url	http://www.ow2.org/	Low
Product	pom	parent-artifactid	ow2	Medium
Product	pom	parent-groupid	org.ow2	Medium
Product	pom	url	http://asm.ow2.io/	Medium
Version	file	version	9.2	High
Version	Manifest	Implementation-Version	9.2	High
Version	pom	parent-version	9.2	Low
Version	pom	version	9.2	Highest

Identifiers

pkg:maven/org.ow2.asm/asm@9.2 (Confidence:High)

camel-snake-kebab-0.4.3.jar

Description:

A library for word case conversions.

License:

Eclipse Public License 1.0: http://www.eclipse.org/legal/epl-v10.html

File Path: /home/runner/.m2/repository/camel-snake-kebab/camel-snake-kebab/0.4.3/camel-snake-kebab-0.4.3.jar
MD5: 4591ec721d8bbe8347ff82ef91c57514
SHA1: 5ae08f83ceb8959971e6334596bff0214bf6fdf2
SHA256:8191f335776310d7857a40ad33254be66adb363806b18136d8843196923ac2c8

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	camel-snake-kebab	High
Vendor	pom	artifactid	camel-snake-kebab	Low
Vendor	pom	groupid	camel-snake-kebab	Highest
Vendor	pom	name	camel-snake-kebab	High
Vendor	pom	url	https://clj-commons.org/camel-snake-kebab/	Highest
Product	file	name	camel-snake-kebab	High
Product	pom	artifactid	camel-snake-kebab	Highest
Product	pom	groupid	camel-snake-kebab	Highest
Product	pom	name	camel-snake-kebab	High
Product	pom	url	https://clj-commons.org/camel-snake-kebab/	Medium
Version	file	version	0.4.3	High
Version	pom	version	0.4.3	Highest

Identifiers

pkg:maven/camel-snake-kebab/camel-snake-kebab@0.4.3 (Confidence:High)

cheshire-6.1.0.jar

Description:

JSON and JSON SMILE encoding, fast.

License:

The MIT License: http://opensource.org/licenses/MIT

File Path: /home/runner/.m2/repository/cheshire/cheshire/6.1.0/cheshire-6.1.0.jar
MD5: 073def678759286c8000e40e783d3d54
SHA1: d4b11693fcc54dd174e9a946531edd1313d9f767
SHA256:aee0ab6e448195aa095f22c428e20d2bc610591c54c10ec3e183dd3b081639c2

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	cheshire	High
Vendor	jar	package name	cheshire	Highest
Vendor	Manifest	leiningen-project-artifactid	cheshire	Low
Vendor	Manifest	leiningen-project-groupid	cheshire	Low
Vendor	pom	artifactid	cheshire	Low
Vendor	pom	groupid	cheshire	Highest
Vendor	pom	name	cheshire	High
Vendor	pom	url	dakrone/cheshire	Highest
Product	file	name	cheshire	High
Product	jar	package name	cheshire	Highest
Product	Manifest	leiningen-project-artifactid	cheshire	Low
Product	Manifest	leiningen-project-groupid	cheshire	Low
Product	pom	artifactid	cheshire	Highest
Product	pom	groupid	cheshire	Highest
Product	pom	name	cheshire	High
Product	pom	url	dakrone/cheshire	High
Version	file	version	6.1.0	High
Version	Manifest	leiningen-project-version	6.1.0	Medium
Version	pom	version	6.1.0	Highest

Identifiers

pkg:maven/cheshire/cheshire@6.1.0 (Confidence:High)

clj-2253-0.1.0.jar

Description:

A workaround for https://dev.clojure.org/jira/browse/CLJ-2253

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0

File Path: /home/runner/.m2/repository/org/clojars/pmonks/clj-2253/0.1.0/clj-2253-0.1.0.jar
MD5: cbf13845d65489fac031aee4666b230f
SHA1: 72d1f88f05bbc3b1eb468c33815a417faaa49984
SHA256:7409e379bd788541b80b38872ca5668f9695b0214a2898ca78828cb476115d51

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	clj-2253	High
Vendor	pom	artifactid	clj-2253	Low
Vendor	pom	groupid	org.clojars.pmonks	Highest
Vendor	pom	name	clj-2253	High
Vendor	pom	url	pmonks/CLJ-2253	Highest
Product	file	name	clj-2253	High
Product	pom	artifactid	clj-2253	Highest
Product	pom	groupid	org.clojars.pmonks	Highest
Product	pom	name	clj-2253	High
Product	pom	url	pmonks/CLJ-2253	High
Version	file	version	0.1.0	High
Version	pom	version	0.1.0	Highest

Identifiers

pkg:maven/org.clojars.pmonks/clj-2253@0.1.0 (Confidence:High)

clj-wcwidth-1.0.125.jar

Description:

Pure Clojure implementations of wcwidth/wcswidth.

License:

MPL-2.0: https://www.mozilla.org/en-US/MPL/2.0/

File Path: /home/runner/.m2/repository/com/github/pmonks/clj-wcwidth/1.0.125/clj-wcwidth-1.0.125.jar
MD5: fb2783e0e04721939202cd0a51f698e5
SHA1: 20d2e7ce47326798b40d0952e04abab86d38e770
SHA256:30a64ed364f7d2c05088c18ef095dc0695241bca9e0a46e8aa35c944e28152a1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	clj-wcwidth	High
Vendor	Manifest	build-jdk-spec	24	Low
Vendor	pom	artifactid	clj-wcwidth	Low
Vendor	pom	developer email	pmonks+wcwidth@gmail.com	Low
Vendor	pom	developer id	pmonks	Medium
Vendor	pom	developer name	Peter Monks	Medium
Vendor	pom	groupid	com.github.pmonks	Highest
Vendor	pom	name	clj-wcwidth	High
Vendor	pom	url	pmonks/clj-wcwidth	Highest
Product	file	name	clj-wcwidth	High
Product	Manifest	build-jdk-spec	24	Low
Product	pom	artifactid	clj-wcwidth	Highest
Product	pom	developer email	pmonks+wcwidth@gmail.com	Low
Product	pom	developer id	pmonks	Low
Product	pom	developer name	Peter Monks	Low
Product	pom	groupid	com.github.pmonks	Highest
Product	pom	name	clj-wcwidth	High
Product	pom	url	pmonks/clj-wcwidth	High
Version	file	version	1.0.125	High
Version	pom	version	1.0.125	Highest

Identifiers

pkg:maven/com.github.pmonks/clj-wcwidth@1.0.125 (Confidence:High)

clojure-1.12.2.jar

Description:

Clojure core environment and runtime library.

License:

Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php

File Path: /home/runner/.m2/repository/org/clojure/clojure/1.12.2/clojure-1.12.2.jar
MD5: bf6e313fb5103581311243e278bfd1c2
SHA1: 2bb95a314b4138d393b61bc36f489f1dfedf831e
SHA256:a58bf807ecefecaea222b8b8b47e14368ee8e32cb4540b3ffefff8ca0953480d

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	clojure	High
Vendor	jar	package name	clojure	Highest
Vendor	jar	package name	core	Highest
Vendor	Manifest	build-jdk-spec	1.8	Low
Vendor	pom	artifactid	clojure	Low
Vendor	pom	developer email	richhickey@gmail.com	Low
Vendor	pom	developer name	Rich Hickey	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	clojure	High
Vendor	pom	url	http://clojure.org/	Highest
Product	file	name	clojure	High
Product	jar	package name	clojure	Highest
Product	jar	package name	core	Highest
Product	Manifest	build-jdk-spec	1.8	Low
Product	pom	artifactid	clojure	Highest
Product	pom	developer email	richhickey@gmail.com	Low
Product	pom	developer name	Rich Hickey	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	clojure	High
Product	pom	url	http://clojure.org/	Medium
Version	file	version	1.12.2	High
Version	pom	version	1.12.2	Highest

Identifiers

pkg:maven/org.clojure/clojure@1.12.2 (Confidence:High)
cpe:2.3:a:clojure:clojure:1.12.2:*:*:*:*:*:*:* (Confidence:Highest)

clojure.java-time-1.4.3.jar

Description:

Clojure wrapper for Java 8 Time API

License:

MIT License: http://opensource.org/licenses/MIT

File Path: /home/runner/.m2/repository/clojure/java-time/clojure.java-time/1.4.3/clojure.java-time-1.4.3.jar
MD5: fce88000603ed0dea2be33e0fffa5836
SHA1: 11cea239151350d663d35f03913e07626ca69f01
SHA256:8f7e14031a531c1bc79859f4deabe215f8c15f81d66e09bdf7b4d9749b8325a7

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	clojure.java-time	High
Vendor	Manifest	leiningen-project-artifactid	clojure.java-time	Low
Vendor	Manifest	leiningen-project-groupid	clojure.java-time	Low
Vendor	pom	artifactid	clojure.java-time	Low
Vendor	pom	groupid	clojure.java-time	Highest
Vendor	pom	name	clojure.java-time	High
Vendor	pom	url	http://github.com/dm3/clojure.java-time	Highest
Product	file	name	clojure.java-time	High
Product	Manifest	leiningen-project-artifactid	clojure.java-time	Low
Product	Manifest	leiningen-project-groupid	clojure.java-time	Low
Product	pom	artifactid	clojure.java-time	Highest
Product	pom	groupid	clojure.java-time	Highest
Product	pom	name	clojure.java-time	High
Product	pom	url	http://github.com/dm3/clojure.java-time	Medium
Version	file	version	1.4.3	High
Version	Manifest	leiningen-project-version	1.4.3	Medium
Version	pom	version	1.4.3	Highest

Identifiers

pkg:maven/clojure.java-time/clojure.java-time@1.4.3 (Confidence:High)
cpe:2.3:a:time_project:time:1.4.3:*:*:*:*:*:*:* (Confidence:Highest)

commons-beanutils-1.11.0.jar

Description:

Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/commons-beanutils/commons-beanutils/1.11.0/commons-beanutils-1.11.0.jar
MD5: 32ed51f196dfda19e0dc1ce53eeed29e
SHA1: ac03ea606d13de04c2e4508227680faff151f491
SHA256:9e44ba68ec9a3f21286fa2a8bbb003b735c0f69101bb43144b79f4f8aaa74709

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	commons-beanutils	High
Vendor	jar	package name	apache	Highest
Vendor	jar	package name	beanutils	Highest
Vendor	jar	package name	commons	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	https://commons.apache.org/proper/commons-beanutils	Low
Vendor	Manifest	bundle-symbolicname	org.apache.commons.commons-beanutils	Medium
Vendor	Manifest	Implementation-Vendor	The Apache Software Foundation	High
Vendor	Manifest	Implementation-Vendor-Id	org.apache	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	specification-vendor	The Apache Software Foundation	Low
Vendor	pom	artifactid	commons-beanutils	Low
Vendor	pom	developer email	britter@apache.org	Low
Vendor	pom	developer email	chtompki@apache.org	Low
Vendor	pom	developer email	craigmcc@apache.org	Low
Vendor	pom	developer email	dion@apache.org	Low
Vendor	pom	developer email	epugh@apache.org	Low
Vendor	pom	developer email	geirm@apache.org	Low
Vendor	pom	developer email	ggregory at apache.org	Low
Vendor	pom	developer email	jcarman@apache.org	Low
Vendor	pom	developer email	jconlon@apache.org	Low
Vendor	pom	developer email	jstrachan@apache.org	Low
Vendor	pom	developer email	morgand@apache.org	Low
Vendor	pom	developer email	mvdb@apache.org	Low
Vendor	pom	developer email	niallp@apache.org	Low
Vendor	pom	developer email	rdonkin@apache.org	Low
Vendor	pom	developer email	rwaldhoff@apache.org	Low
Vendor	pom	developer email	sanders@apache.org	Low
Vendor	pom	developer email	scolebourne@apache.org	Low
Vendor	pom	developer email	skitching@apache.org	Low
Vendor	pom	developer email	stain@apache.org	Low
Vendor	pom	developer email	tobrien@apache.org	Low
Vendor	pom	developer email	yoavs@apache.org	Low
Vendor	pom	developer id	britter	Medium
Vendor	pom	developer id	chtompki	Medium
Vendor	pom	developer id	craigmcc	Medium
Vendor	pom	developer id	dion	Medium
Vendor	pom	developer id	epugh	Medium
Vendor	pom	developer id	geirm	Medium
Vendor	pom	developer id	ggregory	Medium
Vendor	pom	developer id	jcarman	Medium
Vendor	pom	developer id	jconlon	Medium
Vendor	pom	developer id	jstrachan	Medium
Vendor	pom	developer id	morgand	Medium
Vendor	pom	developer id	mvdb	Medium
Vendor	pom	developer id	niallp	Medium
Vendor	pom	developer id	rdonkin	Medium
Vendor	pom	developer id	rwaldhoff	Medium
Vendor	pom	developer id	sanders	Medium
Vendor	pom	developer id	scolebourne	Medium
Vendor	pom	developer id	skitching	Medium
Vendor	pom	developer id	stain	Medium
Vendor	pom	developer id	tobrien	Medium
Vendor	pom	developer id	yoavs	Medium
Vendor	pom	developer name	Benedikt Ritter	Medium
Vendor	pom	developer name	Craig McClanahan	Medium
Vendor	pom	developer name	David Eric Pugh	Medium
Vendor	pom	developer name	Dion Gillard	Medium
Vendor	pom	developer name	Gary Gregory	Medium
Vendor	pom	developer name	Geir Magnusson Jr.	Medium
Vendor	pom	developer name	James Carman	Medium
Vendor	pom	developer name	James Strachan	Medium
Vendor	pom	developer name	John E. Conlon	Medium
Vendor	pom	developer name	Martin van den Bemt	Medium
Vendor	pom	developer name	Morgan James Delagrange	Medium
Vendor	pom	developer name	Niall Pemberton	Medium
Vendor	pom	developer name	Rob Tompkins	Medium
Vendor	pom	developer name	Robert Burrell Donkin	Medium
Vendor	pom	developer name	Rodney Waldhoff	Medium
Vendor	pom	developer name	Scott Sanders	Medium
Vendor	pom	developer name	Simon Kitching	Medium
Vendor	pom	developer name	Stephen Colebourne	Medium
Vendor	pom	developer name	Stian Soiland-Reyes	Medium
Vendor	pom	developer name	Tim O'Brien	Medium
Vendor	pom	developer name	Yoav Shapira	Medium
Vendor	pom	developer org	The Apache Software Foundation	Medium
Vendor	pom	developer org URL	https://www.apache.org/	Medium
Vendor	pom	groupid	commons-beanutils	Highest
Vendor	pom	name	Apache Commons BeanUtils	High
Vendor	pom	parent-artifactid	commons-parent	Low
Vendor	pom	parent-groupid	org.apache.commons	Medium
Vendor	pom	url	https://commons.apache.org/proper/commons-beanutils	Highest
Product	file	name	commons-beanutils	High
Product	jar	package name	apache	Highest
Product	jar	package name	beanutils	Highest
Product	jar	package name	commons	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	https://commons.apache.org/proper/commons-beanutils	Low
Product	Manifest	Bundle-Name	Apache Commons BeanUtils	Medium
Product	Manifest	bundle-symbolicname	org.apache.commons.commons-beanutils	Medium
Product	Manifest	Implementation-Title	Apache Commons BeanUtils	High
Product	Manifest	multi-release	true	Low
Product	Manifest	specification-title	Apache Commons BeanUtils	Medium
Product	pom	artifactid	commons-beanutils	Highest
Product	pom	developer email	britter@apache.org	Low
Product	pom	developer email	chtompki@apache.org	Low
Product	pom	developer email	craigmcc@apache.org	Low
Product	pom	developer email	dion@apache.org	Low
Product	pom	developer email	epugh@apache.org	Low
Product	pom	developer email	geirm@apache.org	Low
Product	pom	developer email	ggregory at apache.org	Low
Product	pom	developer email	jcarman@apache.org	Low
Product	pom	developer email	jconlon@apache.org	Low
Product	pom	developer email	jstrachan@apache.org	Low
Product	pom	developer email	morgand@apache.org	Low
Product	pom	developer email	mvdb@apache.org	Low
Product	pom	developer email	niallp@apache.org	Low
Product	pom	developer email	rdonkin@apache.org	Low
Product	pom	developer email	rwaldhoff@apache.org	Low
Product	pom	developer email	sanders@apache.org	Low
Product	pom	developer email	scolebourne@apache.org	Low
Product	pom	developer email	skitching@apache.org	Low
Product	pom	developer email	stain@apache.org	Low
Product	pom	developer email	tobrien@apache.org	Low
Product	pom	developer email	yoavs@apache.org	Low
Product	pom	developer id	britter	Low
Product	pom	developer id	chtompki	Low
Product	pom	developer id	craigmcc	Low
Product	pom	developer id	dion	Low
Product	pom	developer id	epugh	Low
Product	pom	developer id	geirm	Low
Product	pom	developer id	ggregory	Low
Product	pom	developer id	jcarman	Low
Product	pom	developer id	jconlon	Low
Product	pom	developer id	jstrachan	Low
Product	pom	developer id	morgand	Low
Product	pom	developer id	mvdb	Low
Product	pom	developer id	niallp	Low
Product	pom	developer id	rdonkin	Low
Product	pom	developer id	rwaldhoff	Low
Product	pom	developer id	sanders	Low
Product	pom	developer id	scolebourne	Low
Product	pom	developer id	skitching	Low
Product	pom	developer id	stain	Low
Product	pom	developer id	tobrien	Low
Product	pom	developer id	yoavs	Low
Product	pom	developer name	Benedikt Ritter	Low
Product	pom	developer name	Craig McClanahan	Low
Product	pom	developer name	David Eric Pugh	Low
Product	pom	developer name	Dion Gillard	Low
Product	pom	developer name	Gary Gregory	Low
Product	pom	developer name	Geir Magnusson Jr.	Low
Product	pom	developer name	James Carman	Low
Product	pom	developer name	James Strachan	Low
Product	pom	developer name	John E. Conlon	Low
Product	pom	developer name	Martin van den Bemt	Low
Product	pom	developer name	Morgan James Delagrange	Low
Product	pom	developer name	Niall Pemberton	Low
Product	pom	developer name	Rob Tompkins	Low
Product	pom	developer name	Robert Burrell Donkin	Low
Product	pom	developer name	Rodney Waldhoff	Low
Product	pom	developer name	Scott Sanders	Low
Product	pom	developer name	Simon Kitching	Low
Product	pom	developer name	Stephen Colebourne	Low
Product	pom	developer name	Stian Soiland-Reyes	Low
Product	pom	developer name	Tim O'Brien	Low
Product	pom	developer name	Yoav Shapira	Low
Product	pom	developer org	The Apache Software Foundation	Low
Product	pom	developer org URL	https://www.apache.org/	Low
Product	pom	groupid	commons-beanutils	Highest
Product	pom	name	Apache Commons BeanUtils	High
Product	pom	parent-artifactid	commons-parent	Medium
Product	pom	parent-groupid	org.apache.commons	Medium
Product	pom	url	https://commons.apache.org/proper/commons-beanutils	Medium
Version	file	version	1.11.0	High
Version	Manifest	Bundle-Version	1.11.0	High
Version	Manifest	Implementation-Version	1.11.0	High
Version	pom	parent-version	1.11.0	Low
Version	pom	version	1.11.0	Highest

Identifiers

pkg:maven/commons-beanutils/commons-beanutils@1.11.0 (Confidence:High)
cpe:2.3:a:apache:commons_beanutils:1.11.0:*:*:*:*:*:*:* (Confidence:Highest)

commons-collections-3.2.2.jar

Description:

Types that extend and augment the Java Collections Framework.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256:eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	commons-collections	High
Vendor	jar	package name	apache	Highest
Vendor	jar	package name	collections	Highest
Vendor	jar	package name	commons	Highest
Vendor	Manifest	bundle-docurl	http://commons.apache.org/collections/	Low
Vendor	Manifest	bundle-symbolicname	org.apache.commons.collections	Medium
Vendor	Manifest	implementation-build	tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100	Low
Vendor	Manifest	implementation-url	http://commons.apache.org/collections/	Low
Vendor	Manifest	Implementation-Vendor	The Apache Software Foundation	High
Vendor	Manifest	Implementation-Vendor-Id	org.apache	Medium
Vendor	Manifest	specification-vendor	The Apache Software Foundation	Low
Vendor	pom	artifactid	commons-collections	Low
Vendor	pom	developer id	amamment	Medium
Vendor	pom	developer id	bayard	Medium
Vendor	pom	developer id	craigmcc	Medium
Vendor	pom	developer id	geirm	Medium
Vendor	pom	developer id	jcarman	Medium
Vendor	pom	developer id	matth	Medium
Vendor	pom	developer id	morgand	Medium
Vendor	pom	developer id	psteitz	Medium
Vendor	pom	developer id	rdonkin	Medium
Vendor	pom	developer id	rwaldhoff	Medium
Vendor	pom	developer id	scolebourne	Medium
Vendor	pom	developer name	Arun M. Thomas	Medium
Vendor	pom	developer name	Craig McClanahan	Medium
Vendor	pom	developer name	Geir Magnusson	Medium
Vendor	pom	developer name	Henri Yandell	Medium
Vendor	pom	developer name	James Carman	Medium
Vendor	pom	developer name	Matthew Hawthorne	Medium
Vendor	pom	developer name	Morgan Delagrange	Medium
Vendor	pom	developer name	Phil Steitz	Medium
Vendor	pom	developer name	Robert Burrell Donkin	Medium
Vendor	pom	developer name	Rodney Waldhoff	Medium
Vendor	pom	developer name	Stephen Colebourne	Medium
Vendor	pom	groupid	commons-collections	Highest
Vendor	pom	name	Apache Commons Collections	High
Vendor	pom	parent-artifactid	commons-parent	Low
Vendor	pom	parent-groupid	org.apache.commons	Medium
Vendor	pom	url	http://commons.apache.org/collections/	Highest
Product	file	name	commons-collections	High
Product	jar	package name	apache	Highest
Product	jar	package name	collections	Highest
Product	jar	package name	commons	Highest
Product	Manifest	bundle-docurl	http://commons.apache.org/collections/	Low
Product	Manifest	Bundle-Name	Apache Commons Collections	Medium
Product	Manifest	bundle-symbolicname	org.apache.commons.collections	Medium
Product	Manifest	implementation-build	tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100	Low
Product	Manifest	Implementation-Title	Apache Commons Collections	High
Product	Manifest	implementation-url	http://commons.apache.org/collections/	Low
Product	Manifest	specification-title	Apache Commons Collections	Medium
Product	pom	artifactid	commons-collections	Highest
Product	pom	developer id	amamment	Low
Product	pom	developer id	bayard	Low
Product	pom	developer id	craigmcc	Low
Product	pom	developer id	geirm	Low
Product	pom	developer id	jcarman	Low
Product	pom	developer id	matth	Low
Product	pom	developer id	morgand	Low
Product	pom	developer id	psteitz	Low
Product	pom	developer id	rdonkin	Low
Product	pom	developer id	rwaldhoff	Low
Product	pom	developer id	scolebourne	Low
Product	pom	developer name	Arun M. Thomas	Low
Product	pom	developer name	Craig McClanahan	Low
Product	pom	developer name	Geir Magnusson	Low
Product	pom	developer name	Henri Yandell	Low
Product	pom	developer name	James Carman	Low
Product	pom	developer name	Matthew Hawthorne	Low
Product	pom	developer name	Morgan Delagrange	Low
Product	pom	developer name	Phil Steitz	Low
Product	pom	developer name	Robert Burrell Donkin	Low
Product	pom	developer name	Rodney Waldhoff	Low
Product	pom	developer name	Stephen Colebourne	Low
Product	pom	groupid	commons-collections	Highest
Product	pom	name	Apache Commons Collections	High
Product	pom	parent-artifactid	commons-parent	Medium
Product	pom	parent-groupid	org.apache.commons	Medium
Product	pom	url	http://commons.apache.org/collections/	Medium
Version	file	version	3.2.2	High
Version	Manifest	Bundle-Version	3.2.2	High
Version	Manifest	Implementation-Version	3.2.2	High
Version	pom	parent-version	3.2.2	Low
Version	pom	version	3.2.2	Highest

Identifiers

pkg:maven/commons-collections/commons-collections@3.2.2 (Confidence:High)
cpe:2.3:a:apache:commons_collections:3.2.2:*:*:*:*:*:*:* (Confidence:Highest)

commons-digester-2.1.jar

Description:

    The Digester package lets you configure an XML to Java object mapping module
    which triggers certain actions called rules whenever a particular 
    pattern of nested XML elements is recognized.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/commons-digester/commons-digester/2.1/commons-digester-2.1.jar
MD5: 528445033f22da28f5047b6abcd1c7c9
SHA1: 73a8001e7a54a255eef0f03521ec1805dc738ca0
SHA256:e0b2b980a84fc6533c5ce291f1917b32c507f62bcad64198fff44368c2196a3d

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	commons-digester	High
Vendor	jar	package name	apache	Highest
Vendor	jar	package name	commons	Highest
Vendor	jar	package name	digester	Highest
Vendor	jar	package name	rules	Highest
Vendor	Manifest	bundle-docurl	http://commons.apache.org/digester/	Low
Vendor	Manifest	bundle-symbolicname	org.apache.commons.digester	Medium
Vendor	Manifest	Implementation-Vendor	The Apache Software Foundation	High
Vendor	Manifest	Implementation-Vendor-Id	org.apache	Medium
Vendor	Manifest	specification-vendor	The Apache Software Foundation	Low
Vendor	pom	artifactid	commons-digester	Low
Vendor	pom	developer email	craigmcc@apache.org	Low
Vendor	pom	developer email	jfarcand@apache.org	Low
Vendor	pom	developer email	jstrachan@apache.org	Low
Vendor	pom	developer email	jvanzyl@apache.org	Low
Vendor	pom	developer email	rahul AT apache DOT org	Low
Vendor	pom	developer email	rdonkin@apache.org	Low
Vendor	pom	developer email	sanders@totalsync.com	Low
Vendor	pom	developer email	simonetripodi AT apache DOT org	Low
Vendor	pom	developer email	skitching@apache.org	Low
Vendor	pom	developer email	tobrien@apache.org	Low
Vendor	pom	developer id	craigmcc	Medium
Vendor	pom	developer id	jfarcand	Medium
Vendor	pom	developer id	jstrachan	Medium
Vendor	pom	developer id	jvanzyl	Medium
Vendor	pom	developer id	rahul	Medium
Vendor	pom	developer id	rdonkin	Medium
Vendor	pom	developer id	sanders	Medium
Vendor	pom	developer id	simonetripodi	Medium
Vendor	pom	developer id	skitching	Medium
Vendor	pom	developer id	tobrien	Medium
Vendor	pom	developer name	Craig McClanahan	Medium
Vendor	pom	developer name	James Strachan	Medium
Vendor	pom	developer name	Jason van Zyl	Medium
Vendor	pom	developer name	Jean-Francois Arcand	Medium
Vendor	pom	developer name	Rahul Akolkar	Medium
Vendor	pom	developer name	Robert Burrell Donkin	Medium
Vendor	pom	developer name	Scott Sanders	Medium
Vendor	pom	developer name	Simon Kitching	Medium
Vendor	pom	developer name	Simone Tripodi	Medium
Vendor	pom	developer name	Tim OBrien	Medium
Vendor	pom	groupid	commons-digester	Highest
Vendor	pom	name	Commons Digester	High
Vendor	pom	parent-artifactid	commons-parent	Low
Vendor	pom	parent-groupid	org.apache.commons	Medium
Vendor	pom	url	http://commons.apache.org/digester/	Highest
Product	file	name	commons-digester	High
Product	jar	package name	apache	Highest
Product	jar	package name	commons	Highest
Product	jar	package name	digester	Highest
Product	jar	package name	rules	Highest
Product	Manifest	bundle-docurl	http://commons.apache.org/digester/	Low
Product	Manifest	Bundle-Name	Commons Digester	Medium
Product	Manifest	bundle-symbolicname	org.apache.commons.digester	Medium
Product	Manifest	Implementation-Title	Commons Digester	High
Product	Manifest	specification-title	Commons Digester	Medium
Product	pom	artifactid	commons-digester	Highest
Product	pom	developer email	craigmcc@apache.org	Low
Product	pom	developer email	jfarcand@apache.org	Low
Product	pom	developer email	jstrachan@apache.org	Low
Product	pom	developer email	jvanzyl@apache.org	Low
Product	pom	developer email	rahul AT apache DOT org	Low
Product	pom	developer email	rdonkin@apache.org	Low
Product	pom	developer email	sanders@totalsync.com	Low
Product	pom	developer email	simonetripodi AT apache DOT org	Low
Product	pom	developer email	skitching@apache.org	Low
Product	pom	developer email	tobrien@apache.org	Low
Product	pom	developer id	craigmcc	Low
Product	pom	developer id	jfarcand	Low
Product	pom	developer id	jstrachan	Low
Product	pom	developer id	jvanzyl	Low
Product	pom	developer id	rahul	Low
Product	pom	developer id	rdonkin	Low
Product	pom	developer id	sanders	Low
Product	pom	developer id	simonetripodi	Low
Product	pom	developer id	skitching	Low
Product	pom	developer id	tobrien	Low
Product	pom	developer name	Craig McClanahan	Low
Product	pom	developer name	James Strachan	Low
Product	pom	developer name	Jason van Zyl	Low
Product	pom	developer name	Jean-Francois Arcand	Low
Product	pom	developer name	Rahul Akolkar	Low
Product	pom	developer name	Robert Burrell Donkin	Low
Product	pom	developer name	Scott Sanders	Low
Product	pom	developer name	Simon Kitching	Low
Product	pom	developer name	Simone Tripodi	Low
Product	pom	developer name	Tim OBrien	Low
Product	pom	groupid	commons-digester	Highest
Product	pom	name	Commons Digester	High
Product	pom	parent-artifactid	commons-parent	Medium
Product	pom	parent-groupid	org.apache.commons	Medium
Product	pom	url	http://commons.apache.org/digester/	Medium
Version	file	version	2.1	High
Version	Manifest	Bundle-Version	2.1	High
Version	Manifest	Implementation-Version	2.1	High
Version	pom	parent-version	2.1	Low
Version	pom	version	2.1	Highest

Identifiers

pkg:maven/commons-digester/commons-digester@2.1 (Confidence:High)

commons-logging-1.3.5.jar

Description:

Apache Commons Logging is a thin adapter allowing configurable bridging to other,
    well-known logging systems.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/commons-logging/commons-logging/1.3.5/commons-logging-1.3.5.jar
MD5: 9ca067b073153c86c2da350c0f2cdf70
SHA1: a3fcc5d3c29b2b03433aa2d2f2d2c1b1638924a1
SHA256:6d7a744e4027649fbb50895df9497d109f98c766a637062fe8d2eabbb3140ba4

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	commons-logging	High
Vendor	jar	package name	apache	Highest
Vendor	jar	package name	commons	Highest
Vendor	jar	package name	logging	Highest
Vendor	Manifest	automatic-module-name	org.apache.commons.logging	Medium
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	https://commons.apache.org/proper/commons-logging/	Low
Vendor	Manifest	bundle-symbolicname	org.apache.commons.commons-logging	Medium
Vendor	Manifest	Implementation-Vendor	The Apache Software Foundation	High
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	specification-vendor	The Apache Software Foundation	Low
Vendor	pom	artifactid	commons-logging	Low
Vendor	pom	developer email	baliuka@apache.org	Low
Vendor	pom	developer email	costin@apache.org	Low
Vendor	pom	developer email	craigmcc@apache.org	Low
Vendor	pom	developer email	dennisl@apache.org	Low
Vendor	pom	developer email	donaldp@apache.org	Low
Vendor	pom	developer email	ggregory at apache.org	Low
Vendor	pom	developer email	morgand@apache.org	Low
Vendor	pom	developer email	rdonkin@apache.org	Low
Vendor	pom	developer email	rsitze@apache.org	Low
Vendor	pom	developer email	rwaldhoff@apache.org	Low
Vendor	pom	developer email	sanders@apache.org	Low
Vendor	pom	developer email	skitching@apache.org	Low
Vendor	pom	developer email	tn@apache.org	Low
Vendor	pom	developer id	baliuka	Medium
Vendor	pom	developer id	bstansberry	Medium
Vendor	pom	developer id	costin	Medium
Vendor	pom	developer id	craigmcc	Medium
Vendor	pom	developer id	dennisl	Medium
Vendor	pom	developer id	donaldp	Medium
Vendor	pom	developer id	ggregory	Medium
Vendor	pom	developer id	morgand	Medium
Vendor	pom	developer id	rdonkin	Medium
Vendor	pom	developer id	rsitze	Medium
Vendor	pom	developer id	rwaldhoff	Medium
Vendor	pom	developer id	sanders	Medium
Vendor	pom	developer id	skitching	Medium
Vendor	pom	developer id	tn	Medium
Vendor	pom	developer name	Brian Stansberry	Medium
Vendor	pom	developer name	Costin Manolache	Medium
Vendor	pom	developer name	Craig McClanahan	Medium
Vendor	pom	developer name	Dennis Lundberg	Medium
Vendor	pom	developer name	Gary Gregory	Medium
Vendor	pom	developer name	Juozas Baliuka	Medium
Vendor	pom	developer name	Morgan Delagrange	Medium
Vendor	pom	developer name	Peter Donald	Medium
Vendor	pom	developer name	Richard Sitze	Medium
Vendor	pom	developer name	Robert Burrell Donkin	Medium
Vendor	pom	developer name	Rodney Waldhoff	Medium
Vendor	pom	developer name	Scott Sanders	Medium
Vendor	pom	developer name	Simon Kitching	Medium
Vendor	pom	developer name	Thomas Neidhart	Medium
Vendor	pom	developer org	Apache	Medium
Vendor	pom	developer org	The Apache Software Foundation	Medium
Vendor	pom	developer org URL	https://www.apache.org/	Medium
Vendor	pom	groupid	commons-logging	Highest
Vendor	pom	name	Apache Commons Logging	High
Vendor	pom	parent-artifactid	commons-parent	Low
Vendor	pom	parent-groupid	org.apache.commons	Medium
Vendor	pom	url	https://commons.apache.org/proper/commons-logging/	Highest
Product	file	name	commons-logging	High
Product	jar	package name	apache	Highest
Product	jar	package name	commons	Highest
Product	jar	package name	logging	Highest
Product	Manifest	automatic-module-name	org.apache.commons.logging	Medium
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	https://commons.apache.org/proper/commons-logging/	Low
Product	Manifest	Bundle-Name	Apache Commons Logging	Medium
Product	Manifest	bundle-symbolicname	org.apache.commons.commons-logging	Medium
Product	Manifest	Implementation-Title	Apache Commons Logging	High
Product	Manifest	multi-release	true	Low
Product	Manifest	specification-title	Apache Commons Logging	Medium
Product	pom	artifactid	commons-logging	Highest
Product	pom	developer email	baliuka@apache.org	Low
Product	pom	developer email	costin@apache.org	Low
Product	pom	developer email	craigmcc@apache.org	Low
Product	pom	developer email	dennisl@apache.org	Low
Product	pom	developer email	donaldp@apache.org	Low
Product	pom	developer email	ggregory at apache.org	Low
Product	pom	developer email	morgand@apache.org	Low
Product	pom	developer email	rdonkin@apache.org	Low
Product	pom	developer email	rsitze@apache.org	Low
Product	pom	developer email	rwaldhoff@apache.org	Low
Product	pom	developer email	sanders@apache.org	Low
Product	pom	developer email	skitching@apache.org	Low
Product	pom	developer email	tn@apache.org	Low
Product	pom	developer id	baliuka	Low
Product	pom	developer id	bstansberry	Low
Product	pom	developer id	costin	Low
Product	pom	developer id	craigmcc	Low
Product	pom	developer id	dennisl	Low
Product	pom	developer id	donaldp	Low
Product	pom	developer id	ggregory	Low
Product	pom	developer id	morgand	Low
Product	pom	developer id	rdonkin	Low
Product	pom	developer id	rsitze	Low
Product	pom	developer id	rwaldhoff	Low
Product	pom	developer id	sanders	Low
Product	pom	developer id	skitching	Low
Product	pom	developer id	tn	Low
Product	pom	developer name	Brian Stansberry	Low
Product	pom	developer name	Costin Manolache	Low
Product	pom	developer name	Craig McClanahan	Low
Product	pom	developer name	Dennis Lundberg	Low
Product	pom	developer name	Gary Gregory	Low
Product	pom	developer name	Juozas Baliuka	Low
Product	pom	developer name	Morgan Delagrange	Low
Product	pom	developer name	Peter Donald	Low
Product	pom	developer name	Richard Sitze	Low
Product	pom	developer name	Robert Burrell Donkin	Low
Product	pom	developer name	Rodney Waldhoff	Low
Product	pom	developer name	Scott Sanders	Low
Product	pom	developer name	Simon Kitching	Low
Product	pom	developer name	Thomas Neidhart	Low
Product	pom	developer org	Apache	Low
Product	pom	developer org	The Apache Software Foundation	Low
Product	pom	developer org URL	https://www.apache.org/	Low
Product	pom	groupid	commons-logging	Highest
Product	pom	name	Apache Commons Logging	High
Product	pom	parent-artifactid	commons-parent	Medium
Product	pom	parent-groupid	org.apache.commons	Medium
Product	pom	url	https://commons.apache.org/proper/commons-logging/	Medium
Version	file	version	1.3.5	High
Version	Manifest	Bundle-Version	1.3.5	High
Version	Manifest	Implementation-Version	1.3.5	High
Version	pom	parent-version	1.3.5	Low
Version	pom	version	1.3.5	Highest

Identifiers

pkg:maven/commons-logging/commons-logging@1.3.5 (Confidence:High)

commons-validator-1.10.0.jar

Description:

    Apache Commons Validator provides the building blocks for both client-side and server-side data validation.
    It may be used standalone or with a framework like Struts.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/commons-validator/commons-validator/1.10.0/commons-validator-1.10.0.jar
MD5: 0df2e89ebc974b8f463a945aa117c0af
SHA1: 67d0118c86cb4cea02a3bda1ffe0baeecdfc8e37
SHA256:0d1600cddc24af7f49b5eb01e31adda3ce3b25f236c8c75eaecdf78428469eb9

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	commons-validator	High
Vendor	jar	package name	apache	Highest
Vendor	jar	package name	commons	Highest
Vendor	jar	package name	validator	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	http://commons.apache.org/proper/commons-validator/	Low
Vendor	Manifest	bundle-symbolicname	org.apache.commons.commons-validator	Medium
Vendor	Manifest	Implementation-Vendor	The Apache Software Foundation	High
Vendor	Manifest	Implementation-Vendor-Id	org.apache	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	specification-vendor	The Apache Software Foundation	Low
Vendor	pom	artifactid	commons-validator	Low
Vendor	pom	developer email	craigmcc@apache.org	Low
Vendor	pom	developer email	dgraham@apache.org	Low
Vendor	pom	developer email	dwinterfeldt@apache.org	Low
Vendor	pom	developer email	ggregory at apache.org	Low
Vendor	pom	developer email	husted@apache.org	Low
Vendor	pom	developer email	jmitchell NOSPAM apache.org	Low
Vendor	pom	developer email	martinc@apache.org	Low
Vendor	pom	developer email	mrdon@apache.org	Low
Vendor	pom	developer email	rleland at apache.org	Low
Vendor	pom	developer email	turner@apache.org	Low
Vendor	pom	developer id	bayard	Medium
Vendor	pom	developer id	britter	Medium
Vendor	pom	developer id	bspeakmon	Medium
Vendor	pom	developer id	craigmcc	Medium
Vendor	pom	developer id	dgraham	Medium
Vendor	pom	developer id	dwinterfeldt	Medium
Vendor	pom	developer id	ggregory	Medium
Vendor	pom	developer id	husted	Medium
Vendor	pom	developer id	jmitchell	Medium
Vendor	pom	developer id	martinc	Medium
Vendor	pom	developer id	mrdon	Medium
Vendor	pom	developer id	niallp	Medium
Vendor	pom	developer id	nick	Medium
Vendor	pom	developer id	rleland	Medium
Vendor	pom	developer id	simonetripodi	Medium
Vendor	pom	developer id	turner	Medium
Vendor	pom	developer name	Ben Speakmon	Medium
Vendor	pom	developer name	Benedikt Ritter	Medium
Vendor	pom	developer name	Craig McClanahan	Medium
Vendor	pom	developer name	David Graham	Medium
Vendor	pom	developer name	David Winterfeldt	Medium
Vendor	pom	developer name	Don Brown	Medium
Vendor	pom	developer name	Gary Gregory	Medium
Vendor	pom	developer name	Henri Yandell	Medium
Vendor	pom	developer name	James Mitchell	Medium
Vendor	pom	developer name	James Turner	Medium
Vendor	pom	developer name	Martin Cooper	Medium
Vendor	pom	developer name	Niall Pemberton	Medium
Vendor	pom	developer name	Nick Burch	Medium
Vendor	pom	developer name	Rob Leland	Medium
Vendor	pom	developer name	SimoneTripodi	Medium
Vendor	pom	developer name	Ted Husted	Medium
Vendor	pom	developer org	EdgeTech, Inc	Medium
Vendor	pom	developer org	The Apache Software Foundation	Medium
Vendor	pom	developer org URL	https://www.apache.org/	Medium
Vendor	pom	groupid	commons-validator	Highest
Vendor	pom	name	Apache Commons Validator	High
Vendor	pom	parent-artifactid	commons-parent	Low
Vendor	pom	parent-groupid	org.apache.commons	Medium
Vendor	pom	url	http://commons.apache.org/proper/commons-validator/	Highest
Product	file	name	commons-validator	High
Product	jar	package name	apache	Highest
Product	jar	package name	commons	Highest
Product	jar	package name	validator	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	http://commons.apache.org/proper/commons-validator/	Low
Product	Manifest	Bundle-Name	Apache Commons Validator	Medium
Product	Manifest	bundle-symbolicname	org.apache.commons.commons-validator	Medium
Product	Manifest	Implementation-Title	Apache Commons Validator	High
Product	Manifest	multi-release	true	Low
Product	Manifest	specification-title	Apache Commons Validator	Medium
Product	pom	artifactid	commons-validator	Highest
Product	pom	developer email	craigmcc@apache.org	Low
Product	pom	developer email	dgraham@apache.org	Low
Product	pom	developer email	dwinterfeldt@apache.org	Low
Product	pom	developer email	ggregory at apache.org	Low
Product	pom	developer email	husted@apache.org	Low
Product	pom	developer email	jmitchell NOSPAM apache.org	Low
Product	pom	developer email	martinc@apache.org	Low
Product	pom	developer email	mrdon@apache.org	Low
Product	pom	developer email	rleland at apache.org	Low
Product	pom	developer email	turner@apache.org	Low
Product	pom	developer id	bayard	Low
Product	pom	developer id	britter	Low
Product	pom	developer id	bspeakmon	Low
Product	pom	developer id	craigmcc	Low
Product	pom	developer id	dgraham	Low
Product	pom	developer id	dwinterfeldt	Low
Product	pom	developer id	ggregory	Low
Product	pom	developer id	husted	Low
Product	pom	developer id	jmitchell	Low
Product	pom	developer id	martinc	Low
Product	pom	developer id	mrdon	Low
Product	pom	developer id	niallp	Low
Product	pom	developer id	nick	Low
Product	pom	developer id	rleland	Low
Product	pom	developer id	simonetripodi	Low
Product	pom	developer id	turner	Low
Product	pom	developer name	Ben Speakmon	Low
Product	pom	developer name	Benedikt Ritter	Low
Product	pom	developer name	Craig McClanahan	Low
Product	pom	developer name	David Graham	Low
Product	pom	developer name	David Winterfeldt	Low
Product	pom	developer name	Don Brown	Low
Product	pom	developer name	Gary Gregory	Low
Product	pom	developer name	Henri Yandell	Low
Product	pom	developer name	James Mitchell	Low
Product	pom	developer name	James Turner	Low
Product	pom	developer name	Martin Cooper	Low
Product	pom	developer name	Niall Pemberton	Low
Product	pom	developer name	Nick Burch	Low
Product	pom	developer name	Rob Leland	Low
Product	pom	developer name	SimoneTripodi	Low
Product	pom	developer name	Ted Husted	Low
Product	pom	developer org	EdgeTech, Inc	Low
Product	pom	developer org	The Apache Software Foundation	Low
Product	pom	developer org URL	https://www.apache.org/	Low
Product	pom	groupid	commons-validator	Highest
Product	pom	name	Apache Commons Validator	High
Product	pom	parent-artifactid	commons-parent	Medium
Product	pom	parent-groupid	org.apache.commons	Medium
Product	pom	url	http://commons.apache.org/proper/commons-validator/	Medium
Version	file	version	1.10.0	High
Version	Manifest	Bundle-Version	1.10.0	High
Version	Manifest	Implementation-Version	1.10.0	High
Version	pom	parent-version	1.10.0	Low
Version	pom	version	1.10.0	Highest

Identifiers

pkg:maven/commons-validator/commons-validator@1.10.0 (Confidence:High)

core.async-1.8.741.jar

Description:

Facilities for async programming and communication in Clojure

File Path: /home/runner/.m2/repository/org/clojure/core.async/1.8.741/core.async-1.8.741.jar
MD5: cdd5b4b278d48a7e75138f15e90c4902
SHA1: 0568d9b06541900b0dc024ca900092e6b1bde76d
SHA256:288489a4f0e580f43e1913cba842b32959ef01e2d1bc3a01db2e97c79c9c655a

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	core.async	High
Vendor	Manifest	build-jdk-spec	1.8	Low
Vendor	pom	artifactid	core.async	Low
Vendor	pom	developer id	richhickey	Medium
Vendor	pom	developer name	Rich Hickey	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	core.async	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Vendor	pom	url	clojure/core.async	Highest
Product	file	name	core.async	High
Product	Manifest	build-jdk-spec	1.8	Low
Product	pom	artifactid	core.async	Highest
Product	pom	developer id	richhickey	Low
Product	pom	developer name	Rich Hickey	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	core.async	High
Product	pom	parent-artifactid	pom.contrib	Medium
Product	pom	url	clojure/core.async	High
Version	file	version	1.8.741	High
Version	pom	parent-version	1.8.741	Low
Version	pom	version	1.8.741	Highest

Identifiers

pkg:maven/org.clojure/core.async@1.8.741 (Confidence:High)

core.cache-1.1.234.jar

Description:

Cache library for Clojure.

License:

Eclipse Public License 1.0: https://opensource.org/license/epl-1-0/

File Path: /home/runner/.m2/repository/org/clojure/core.cache/1.1.234/core.cache-1.1.234.jar
MD5: c74f1627e4c7bc82173ee885049ca95b
SHA1: 4efde969ef1c0659f7b0e6e28c85263d9af01299
SHA256:ba9071044edb7b009288b2c5f800a7dcd918b0f1725c5ba800469238df972f63

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	core.cache	High
Vendor	pom	artifactid	core.cache	Low
Vendor	pom	developer id	fogus	Medium
Vendor	pom	developer name	Michael Fogus	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	core.cache	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Product	file	name	core.cache	High
Product	pom	artifactid	core.cache	Highest
Product	pom	developer id	fogus	Low
Product	pom	developer name	Michael Fogus	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	core.cache	High
Product	pom	parent-artifactid	pom.contrib	Medium
Version	file	version	1.1.234	High
Version	pom	parent-version	1.1.234	Low
Version	pom	version	1.1.234	Highest

Identifiers

pkg:maven/org.clojure/core.cache@1.1.234 (Confidence:High)

core.memoize-1.1.266.jar

Description:

A memoization library for Clojure

License:

Eclipse Public License 1.0: https://opensource.org/license/epl-1-0/

File Path: /home/runner/.m2/repository/org/clojure/core.memoize/1.1.266/core.memoize-1.1.266.jar
MD5: 70a78543850b17e61d8a122e8cb6f4a7
SHA1: e2cc0e3a742723a52e72373aebc556b678909ddc
SHA256:5792a21d6d90a1f5e68d4a10f65607aa21f6c484eb9d1a421cefc1f8ac26f18e

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	core.memoize	High
Vendor	pom	artifactid	core.memoize	Low
Vendor	pom	developer id	fogus	Medium
Vendor	pom	developer name	Fogus	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	core.memoize	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Product	file	name	core.memoize	High
Product	pom	artifactid	core.memoize	Highest
Product	pom	developer id	fogus	Low
Product	pom	developer name	Fogus	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	core.memoize	High
Product	pom	parent-artifactid	pom.contrib	Medium
Version	file	version	1.1.266	High
Version	pom	parent-version	1.1.266	Low
Version	pom	version	1.1.266	Highest

Identifiers

pkg:maven/org.clojure/core.memoize@1.1.266 (Confidence:High)

core.specs.alpha-0.4.74.jar

Description:

Specs for clojure.core

License:

Eclipse Public License 1.0: https://opensource.org/license/epl-1-0/

File Path: /home/runner/.m2/repository/org/clojure/core.specs.alpha/0.4.74/core.specs.alpha-0.4.74.jar
MD5: ebd37b9a3c39e6b769fc1463737cb8d4
SHA1: d56a8d4c666ff8140e6d0a62d41263134be39254
SHA256:eb73ac08cf49ba840c88ba67beef11336ca554333d9408808d78946e0feb9ddb

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	core.specs.alpha	High
Vendor	pom	artifactid	core.specs.alpha	Low
Vendor	pom	developer id	puredanger	Medium
Vendor	pom	developer name	Alex Miller	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	core.specs.alpha	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Product	file	name	core.specs.alpha	High
Product	pom	artifactid	core.specs.alpha	Highest
Product	pom	developer id	puredanger	Low
Product	pom	developer name	Alex Miller	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	core.specs.alpha	High
Product	pom	parent-artifactid	pom.contrib	Medium
Version	file	version	0.4.74	High
Version	pom	parent-version	0.4.74	Low
Version	pom	version	0.4.74	Highest

Identifiers

pkg:maven/org.clojure/core.specs.alpha@0.4.74 (Confidence:High)
cpe:2.3:a:alex_project:alex:0.4.74:*:*:*:*:*:*:* (Confidence:Low)

data.json-2.3.1.jar

Description:

Generating/parsing JSON from/to Clojure data structures

File Path: /home/runner/.m2/repository/org/clojure/data.json/2.3.1/data.json-2.3.1.jar
MD5: c40582783bbba064e6d2eab43067c183
SHA1: bccad454332d350fcf088ad65e961b9ed7687b7b
SHA256:ab6fcad6c5a174eecf6424c789064288626bf0434aab6414c9947df26e3ee4e2

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	data.json	High
Vendor	pom	artifactid	data.json	Low
Vendor	pom	developer email	mail@stuartsierra.com	Low
Vendor	pom	developer name	Stuart Sierra	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	data.json	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Vendor	pom	url	clojure/data.json	Highest
Product	file	name	data.json	High
Product	pom	artifactid	data.json	Highest
Product	pom	developer email	mail@stuartsierra.com	Low
Product	pom	developer name	Stuart Sierra	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	data.json	High
Product	pom	parent-artifactid	pom.contrib	Medium
Product	pom	url	clojure/data.json	High
Version	file	version	2.3.1	High
Version	pom	parent-version	2.3.1	Low
Version	pom	version	2.3.1	Highest

Identifiers

pkg:maven/org.clojure/data.json@2.3.1 (Confidence:High)

data.priority-map-1.2.0.jar

File Path: /home/runner/.m2/repository/org/clojure/data.priority-map/1.2.0/data.priority-map-1.2.0.jar
MD5: 2cfe73a5c938e7fd15d36bcbe29b5918
SHA1: a07772b9f061023198635d1b1425d936507f5ec7
SHA256:a4523626a1ccc4fce0d1efe6df16897fc3e34b58738f0462e4536af17dea02f0

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	data.priority-map	High
Vendor	pom	artifactid	data.priority-map	Low
Vendor	pom	developer name	Mark Engelberg	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	data.priority-map	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Product	file	name	data.priority-map	High
Product	pom	artifactid	data.priority-map	Highest
Product	pom	developer name	Mark Engelberg	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	data.priority-map	High
Product	pom	parent-artifactid	pom.contrib	Medium
Version	file	version	1.2.0	High
Version	pom	version	1.2.0	Highest

Identifiers

pkg:maven/org.clojure/data.priority-map@1.2.0 (Confidence:High)

discljord-1.3.1.jar

Description:

A Clojure wrapper library for the Discord API, with full API coverage (except voice, for now), and high scalability.

License:

Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html

File Path: /home/runner/.m2/repository/com/github/discljord/discljord/1.3.1/discljord-1.3.1.jar
MD5: 3d3b7aff80ce893282e7eaaadd708061
SHA1: df0e0be3ff5ae9e072b1dfa8422eaa5deb3a3251
SHA256:361fc69812dbf436458f1716afeeb5ae8f7210fc798cd3b3fb27d39449b369aa

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	discljord	High
Vendor	pom	artifactid	discljord	Low
Vendor	pom	groupid	com.github.discljord	Highest
Vendor	pom	name	discljord	High
Vendor	pom	url	IGJoshua/discljord	Highest
Product	file	name	discljord	High
Product	pom	artifactid	discljord	Highest
Product	pom	groupid	com.github.discljord	Highest
Product	pom	name	discljord	High
Product	pom	url	IGJoshua/discljord	High
Version	file	version	1.3.1	High
Version	pom	version	1.3.1	Highest

Identifiers

pkg:maven/com.github.discljord/discljord@1.3.1 (Confidence:High)

embroidery-1.0.44.jar

Description:

A Clojure micro-library for leveraging virtual threads on JVMs that support them.

License:

Apache-2.0: http://www.apache.org/licenses/LICENSE-2.0.html

File Path: /home/runner/.m2/repository/com/github/pmonks/embroidery/1.0.44/embroidery-1.0.44.jar
MD5: 0141ce9e67e5c76af519e98fc5a8bf5d
SHA1: 0ce7accc8b0fe2fcb13b0e509c322de914390ad2
SHA256:f978771dcca1ef87a0668cee9911882fea462791f20a6166b93edc356d35f152

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	embroidery	High
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	pom	artifactid	embroidery	Low
Vendor	pom	developer email	pmonks+embroidery@gmail.com	Low
Vendor	pom	developer id	pmonks	Medium
Vendor	pom	developer name	Peter Monks	Medium
Vendor	pom	groupid	com.github.pmonks	Highest
Vendor	pom	name	embroidery	High
Vendor	pom	url	pmonks/embroidery	Highest
Product	file	name	embroidery	High
Product	Manifest	build-jdk-spec	21	Low
Product	pom	artifactid	embroidery	Highest
Product	pom	developer email	pmonks+embroidery@gmail.com	Low
Product	pom	developer id	pmonks	Low
Product	pom	developer name	Peter Monks	Low
Product	pom	groupid	com.github.pmonks	Highest
Product	pom	name	embroidery	High
Product	pom	url	pmonks/embroidery	High
Version	file	version	1.0.44	High
Version	pom	version	1.0.44	Highest

Identifiers

pkg:maven/com.github.pmonks/embroidery@1.0.44 (Confidence:High)

gniazdo-1.2.2.jar

Description:

A WebSocket client for Clojure

License:

Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.html

File Path: /home/runner/.m2/repository/stylefruits/gniazdo/1.2.2/gniazdo-1.2.2.jar
MD5: 475a727ac1787ab0afc92e70062de2f5
SHA1: e7eafb16875928396d58c8d62c857d728ef7587a
SHA256:799c9dd0dcb3c6418e72d4e2ef2cb8be12e529db5619e98849b4046adab9129f

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	gniazdo	High
Vendor	Manifest	leiningen-project-artifactid	gniazdo	Low
Vendor	Manifest	leiningen-project-groupid	stylefruits	Low
Vendor	pom	artifactid	gniazdo	Low
Vendor	pom	groupid	stylefruits	Highest
Vendor	pom	name	gniazdo	High
Vendor	pom	url	stylefruits/gniazdo	Highest
Product	file	name	gniazdo	High
Product	Manifest	leiningen-project-artifactid	gniazdo	Low
Product	Manifest	leiningen-project-groupid	stylefruits	Low
Product	pom	artifactid	gniazdo	Highest
Product	pom	groupid	stylefruits	Highest
Product	pom	name	gniazdo	High
Product	pom	url	stylefruits/gniazdo	High
Version	file	version	1.2.2	High
Version	Manifest	leiningen-project-version	1.2.2	Medium
Version	pom	version	1.2.2	Highest

Identifiers

pkg:maven/stylefruits/gniazdo@1.2.2 (Confidence:High)

hato-1.0.0.jar

Description:

An HTTP client for Clojure, wrapping JDK 11's HttpClient.

License:

The MIT License: http://opensource.org/licenses/mit-license.php

File Path: /home/runner/.m2/repository/hato/hato/1.0.0/hato-1.0.0.jar
MD5: 169f69866f7e0eaf8f5a38ad049bcecf
SHA1: 6a1bea52787ef5419f9d4475bce4997581ee6276
SHA256:6b65a8f6145ec577b015cbfa3703c2d00f5e9f964bc6fca7b71dfc56a4ffe029

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	hato	High
Vendor	Manifest	leiningen-project-artifactid	hato	Low
Vendor	Manifest	leiningen-project-groupid	hato	Low
Vendor	pom	artifactid	hato	Low
Vendor	pom	groupid	hato	Highest
Vendor	pom	name	hato	High
Vendor	pom	url	gnarroway/hato	Highest
Product	file	name	hato	High
Product	Manifest	leiningen-project-artifactid	hato	Low
Product	Manifest	leiningen-project-groupid	hato	Low
Product	pom	artifactid	hato	Highest
Product	pom	groupid	hato	Highest
Product	pom	name	hato	High
Product	pom	url	gnarroway/hato	High
Version	file	version	1.0.0	High
Version	Manifest	leiningen-project-version	1.0.0	Medium
Version	pom	version	1.0.0	Highest

Identifiers

pkg:maven/hato/hato@1.0.0 (Confidence:High)

http-kit-2.8.1.jar

Description:

Simple, high-performance event-driven HTTP client+server for Clojure

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.html

File Path: /home/runner/.m2/repository/http-kit/http-kit/2.8.1/http-kit-2.8.1.jar
MD5: b2e1c511125b476851ff9c6a82d4b2dc
SHA1: ddcee7f29444e13f78f4c6423e3302c39455f4cd
SHA256:05e632f9b08da3cebefd51c334ccab650b3b8bc43068443661472606b804d2f2

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	http-kit	High
Vendor	jar	package name	client	Highest
Vendor	jar	package name	server	Highest
Vendor	Manifest	leiningen-project-artifactid	http-kit	Low
Vendor	Manifest	leiningen-project-groupid	http-kit	Low
Vendor	pom	artifactid	http-kit	Low
Vendor	pom	groupid	http-kit	Highest
Vendor	pom	name	http-kit	High
Vendor	pom	url	http-kit/http-kit	Highest
Product	file	name	http-kit	High
Product	jar	package name	client	Highest
Product	jar	package name	server	Highest
Product	Manifest	leiningen-project-artifactid	http-kit	Low
Product	Manifest	leiningen-project-groupid	http-kit	Low
Product	pom	artifactid	http-kit	Highest
Product	pom	groupid	http-kit	Highest
Product	pom	name	http-kit	High
Product	pom	url	http-kit/http-kit	High
Version	file	version	2.8.1	High
Version	Manifest	leiningen-project-version	2.8.1	Medium
Version	pom	version	2.8.1	Highest

Identifiers

pkg:maven/http-kit/http-kit@2.8.1 (Confidence:High)

jackson-core-2.20.0.jar

Description:

Core Jackson processing abstractions (aka Streaming API), implementation for JSON

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.20.0/jackson-core-2.20.0.jar
MD5: 3536b524a7106dae1b4feb71e6f5ff74
SHA1: 3c97f7fad069f7cfae639d790bd93d6a0b2dff31
SHA256:bc0cf46075877201f8406ee7de2741ae7df6c066f5f0457bd80632a718c06e72

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jackson-core	High
Vendor	jar	package name	base	Highest
Vendor	jar	package name	com	Highest
Vendor	jar	package name	core	Highest
Vendor	jar	package name	fasterxml	Highest
Vendor	jar	package name	jackson	Highest
Vendor	jar	package name	json	Highest
Vendor	Manifest	build-jdk-spec	1.8	Low
Vendor	Manifest	bundle-docurl	https://github.com/FasterXML/jackson-core	Low
Vendor	Manifest	bundle-symbolicname	com.fasterxml.jackson.core.jackson-core	Medium
Vendor	Manifest	Implementation-Vendor	FasterXML	High
Vendor	Manifest	Implementation-Vendor-Id	com.fasterxml.jackson.core	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	specification-vendor	FasterXML	Low
Vendor	pom	artifactid	jackson-core	Low
Vendor	pom	groupid	com.fasterxml.jackson.core	Highest
Vendor	pom	name	Jackson-core	High
Vendor	pom	parent-artifactid	jackson-base	Low
Vendor	pom	parent-groupid	com.fasterxml.jackson	Medium
Vendor	pom	url	FasterXML/jackson-core	Highest
Product	file	name	jackson-core	High
Product	hint analyzer	product	java8	Highest
Product	hint analyzer	product	modules	Highest
Product	jar	package name	base	Highest
Product	jar	package name	com	Highest
Product	jar	package name	core	Highest
Product	jar	package name	fasterxml	Highest
Product	jar	package name	jackson	Highest
Product	jar	package name	json	Highest
Product	Manifest	build-jdk-spec	1.8	Low
Product	Manifest	bundle-docurl	https://github.com/FasterXML/jackson-core	Low
Product	Manifest	Bundle-Name	Jackson-core	Medium
Product	Manifest	bundle-symbolicname	com.fasterxml.jackson.core.jackson-core	Medium
Product	Manifest	Implementation-Title	Jackson-core	High
Product	Manifest	multi-release	true	Low
Product	Manifest	specification-title	Jackson-core	Medium
Product	pom	artifactid	jackson-core	Highest
Product	pom	groupid	com.fasterxml.jackson.core	Highest
Product	pom	name	Jackson-core	High
Product	pom	parent-artifactid	jackson-base	Medium
Product	pom	parent-groupid	com.fasterxml.jackson	Medium
Product	pom	url	FasterXML/jackson-core	High
Version	file	version	2.20.0	High
Version	Manifest	Bundle-Version	2.20.0	High
Version	Manifest	Implementation-Version	2.20.0	High
Version	pom	version	2.20.0	Highest

Identifiers

pkg:maven/com.fasterxml.jackson.core/jackson-core@2.20.0 (Confidence:High)
cpe:2.3:a:fasterxml:jackson-modules-java8:2.20.0:*:*:*:*:*:*:* (Confidence:Low)

jackson-dataformat-cbor-2.20.0.jar

Description:

Support for reading and writing Concise Binary Object Representation
([CBOR](https://www.rfc-editor.org/info/rfc7049)
encoded data using Jackson abstractions (streaming API, data binding, tree model)

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/com/fasterxml/jackson/dataformat/jackson-dataformat-cbor/2.20.0/jackson-dataformat-cbor-2.20.0.jar
MD5: d7d1d6cba1ee620ac11b84c0cb76a52f
SHA1: c10e9032bec62df3089ca1cbdef43a1453aca261
SHA256:ab075616cbd67f5676f89825ec9c8bc7b54c84dbe934b162145b34172370b5d6

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jackson-dataformat-cbor	High
Vendor	jar	package name	cbor	Highest
Vendor	jar	package name	dataformat	Highest
Vendor	jar	package name	fasterxml	Highest
Vendor	jar	package name	jackson	Highest
Vendor	Manifest	build-jdk-spec	1.8	Low
Vendor	Manifest	bundle-docurl	https://github.com/FasterXML/jackson-dataformats-binary	Low
Vendor	Manifest	bundle-symbolicname	com.fasterxml.jackson.dataformat.jackson-dataformat-cbor	Medium
Vendor	Manifest	Implementation-Vendor	FasterXML	High
Vendor	Manifest	Implementation-Vendor-Id	com.fasterxml.jackson.dataformat	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	specification-vendor	FasterXML	Low
Vendor	pom	artifactid	jackson-dataformat-cbor	Low
Vendor	pom	groupid	com.fasterxml.jackson.dataformat	Highest
Vendor	pom	name	Jackson dataformat: CBOR	High
Vendor	pom	parent-artifactid	jackson-dataformats-binary	Low
Vendor	pom	url	FasterXML/jackson-dataformats-binary	Highest
Product	file	name	jackson-dataformat-cbor	High
Product	jar	package name	cbor	Highest
Product	jar	package name	dataformat	Highest
Product	jar	package name	fasterxml	Highest
Product	jar	package name	jackson	Highest
Product	Manifest	build-jdk-spec	1.8	Low
Product	Manifest	bundle-docurl	https://github.com/FasterXML/jackson-dataformats-binary	Low
Product	Manifest	Bundle-Name	Jackson dataformat: CBOR	Medium
Product	Manifest	bundle-symbolicname	com.fasterxml.jackson.dataformat.jackson-dataformat-cbor	Medium
Product	Manifest	Implementation-Title	Jackson dataformat: CBOR	High
Product	Manifest	multi-release	true	Low
Product	Manifest	specification-title	Jackson dataformat: CBOR	Medium
Product	pom	artifactid	jackson-dataformat-cbor	Highest
Product	pom	groupid	com.fasterxml.jackson.dataformat	Highest
Product	pom	name	Jackson dataformat: CBOR	High
Product	pom	parent-artifactid	jackson-dataformats-binary	Medium
Product	pom	url	FasterXML/jackson-dataformats-binary	High
Version	file	version	2.20.0	High
Version	Manifest	Bundle-Version	2.20.0	High
Version	Manifest	Implementation-Version	2.20.0	High
Version	pom	version	2.20.0	Highest

Related Dependencies

Identifiers

pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-cbor@2.20.0 (Confidence:High)
cpe:2.3:a:fasterxml:jackson-dataformats-binary:2.20.0:*:*:*:*:*:*:* (Confidence:Low)

jansi-2.4.1.jar

Description:

Jansi is a java library for generating and interpreting ANSI escape sequences.

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/org/fusesource/jansi/jansi/2.4.1/jansi-2.4.1.jar
MD5: 10c1033cc584325f020e2f9d231c0764
SHA1: d5774f204d990c9f5da2809b88f928515577beb4
SHA256:2e5e775a9dc58ffa6bbd6aa6f099d62f8b62dcdeb4c3c3bbbe5cf2301bc2dcc1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jansi	High
Vendor	jar	package name	fusesource	Highest
Vendor	jar	package name	jansi	Highest
Vendor	Manifest	automatic-module-name	org.fusesource.jansi	Medium
Vendor	Manifest	build-jdk-spec	11	Low
Vendor	Manifest	bundle-docurl	http://fusesource.com/	Low
Vendor	Manifest	bundle-symbolicname	org.fusesource.jansi	Medium
Vendor	Manifest	Implementation-Vendor	FuseSource, Corp.	High
Vendor	Manifest	multi-release	true	Low
Vendor	pom	artifactid	jansi	Low
Vendor	pom	developer email	gnodet@gmail.com	Low
Vendor	pom	developer email	hiram@hiramchirino.com	Low
Vendor	pom	developer id	chirino	Medium
Vendor	pom	developer id	gnodet	Medium
Vendor	pom	developer name	Guillaume Nodet	Medium
Vendor	pom	developer name	Hiram Chirino	Medium
Vendor	pom	groupid	org.fusesource.jansi	Highest
Vendor	pom	name	Jansi	High
Vendor	pom	parent-artifactid	fusesource-pom	Low
Vendor	pom	parent-groupid	org.fusesource	Medium
Vendor	pom	url	http://fusesource.github.io/jansi	Highest
Product	file	name	jansi	High
Product	jar	package name	fusesource	Highest
Product	jar	package name	jansi	Highest
Product	Manifest	automatic-module-name	org.fusesource.jansi	Medium
Product	Manifest	build-jdk-spec	11	Low
Product	Manifest	bundle-docurl	http://fusesource.com/	Low
Product	Manifest	Bundle-Name	Jansi	Medium
Product	Manifest	bundle-symbolicname	org.fusesource.jansi	Medium
Product	Manifest	Implementation-Title	Jansi	High
Product	Manifest	multi-release	true	Low
Product	Manifest	specification-title	Jansi	Medium
Product	pom	artifactid	jansi	Highest
Product	pom	developer email	gnodet@gmail.com	Low
Product	pom	developer email	hiram@hiramchirino.com	Low
Product	pom	developer id	chirino	Low
Product	pom	developer id	gnodet	Low
Product	pom	developer name	Guillaume Nodet	Low
Product	pom	developer name	Hiram Chirino	Low
Product	pom	groupid	org.fusesource.jansi	Highest
Product	pom	name	Jansi	High
Product	pom	parent-artifactid	fusesource-pom	Medium
Product	pom	parent-groupid	org.fusesource	Medium
Product	pom	url	http://fusesource.github.io/jansi	Medium
Version	file	version	2.4.1	High
Version	Manifest	Bundle-Version	2.4.1	High
Version	Manifest	Implementation-Version	2.4.1	High
Version	pom	parent-version	2.4.1	Low
Version	pom	version	2.4.1	Highest

Identifiers

pkg:maven/org.fusesource.jansi/jansi@2.4.1 (Confidence:High)

jansi-clj-1.0.5.jar

Description:

Clojure Wrapper around Jansi.

License:

MIT: https://choosealicense.com/licenses/mit

File Path: /home/runner/.m2/repository/jansi-clj/jansi-clj/1.0.5/jansi-clj-1.0.5.jar
MD5: d51e14247ca1d67b30a22a3c8d0a85f3
SHA1: e2483b480c5df43a4668eb1db3479290ba42d8f9
SHA256:b60ffc5032fdd77c6c6dae69b9fbd7194cc2dd3c93294baa838d474af93b62a0

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jansi-clj	High
Vendor	Manifest	leiningen-project-artifactid	jansi-clj	Low
Vendor	Manifest	leiningen-project-groupid	jansi-clj	Low
Vendor	pom	artifactid	jansi-clj	Low
Vendor	pom	groupid	jansi-clj	Highest
Vendor	pom	name	jansi-clj	High
Vendor	pom	url	https://codeberg.org/xsc/jansi-clj	Highest
Product	file	name	jansi-clj	High
Product	Manifest	leiningen-project-artifactid	jansi-clj	Low
Product	Manifest	leiningen-project-groupid	jansi-clj	Low
Product	pom	artifactid	jansi-clj	Highest
Product	pom	groupid	jansi-clj	Highest
Product	pom	name	jansi-clj	High
Product	pom	url	https://codeberg.org/xsc/jansi-clj	Medium
Version	file	version	1.0.5	High
Version	Manifest	leiningen-project-version	1.0.5	Medium
Version	pom	version	1.0.5	Highest

Identifiers

pkg:maven/jansi-clj/jansi-clj@1.0.5 (Confidence:High)

jcl-over-slf4j-2.0.17.jar

Description:

JCL 1.2 implemented over SLF4J

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/org/slf4j/jcl-over-slf4j/2.0.17/jcl-over-slf4j-2.0.17.jar
MD5: 4fcd46ca51e55b9fd9b0db34474927e0
SHA1: 76ea503eb688f06556a9ba69995d7eab63e34531
SHA256:affd06771589ebfe454bb11315a4f466ecaa135b95f3e7939534cf1d2fd7064c

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jcl-over-slf4j	High
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	http://www.slf4j.org	Low
Vendor	Manifest	bundle-symbolicname	jcl.over.slf4j	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	originally-created-by	Apache Maven Bundle Plugin 5.1.9	Low
Vendor	pom	artifactid	jcl-over-slf4j	Low
Vendor	pom	groupid	org.slf4j	Highest
Vendor	pom	name	JCL 1.2 implemented over SLF4J	High
Vendor	pom	parent-artifactid	slf4j-parent	Low
Vendor	pom	url	http://www.slf4j.org	Highest
Product	file	name	jcl-over-slf4j	High
Product	jar	package name	9	Highest
Product	jar	package name	apache	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	http://www.slf4j.org	Low
Product	Manifest	Bundle-Name	JCL 1.2 implemented over SLF4J	Medium
Product	Manifest	bundle-symbolicname	jcl.over.slf4j	Medium
Product	Manifest	Implementation-Title	jcl-over-slf4j	High
Product	Manifest	multi-release	true	Low
Product	Manifest	originally-created-by	Apache Maven Bundle Plugin 5.1.9	Low
Product	pom	artifactid	jcl-over-slf4j	Highest
Product	pom	groupid	org.slf4j	Highest
Product	pom	name	JCL 1.2 implemented over SLF4J	High
Product	pom	parent-artifactid	slf4j-parent	Medium
Product	pom	url	http://www.slf4j.org	Medium
Version	file	version	2.0.17	High
Version	Manifest	Bundle-Version	2.0.17	High
Version	Manifest	Implementation-Version	2.0.17	High
Version	pom	version	2.0.17	Highest

Identifiers

pkg:maven/org.slf4j/jcl-over-slf4j@2.0.17 (Confidence:High)

jetty-http-9.4.58.v20250814.jar

Description:

Jetty module for Jetty :: Http Utility

License:

http://www.apache.org/licenses/LICENSE-2.0, https://www.eclipse.org/org/documents/epl-v10.php

File Path: /home/runner/.m2/repository/org/eclipse/jetty/jetty-http/9.4.58.v20250814/jetty-http-9.4.58.v20250814.jar
MD5: 9946c9ecc8193405df3bcd3120310c60
SHA1: 98c52c56ecc1eedd9e05327f266f35c5ef8bf0c4
SHA256:8f49b8583fc8dbbfe3a0ba80a04c97df64ebabca2981b56ee403c989aba9d4da

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jetty-http	High
Vendor	jar	package name	eclipse	Highest
Vendor	jar	package name	http	Highest
Vendor	jar	package name	jetty	Highest
Vendor	Manifest	automatic-module-name	org.eclipse.jetty.http	Medium
Vendor	Manifest	build-jdk-spec	17	Low
Vendor	Manifest	bundle-copyright	Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others.	Low
Vendor	Manifest	bundle-docurl	https://jetty.org/	Low
Vendor	Manifest	bundle-requiredexecutionenvironment	JavaSE-1.8	Low
Vendor	Manifest	bundle-symbolicname	org.eclipse.jetty.http	Medium
Vendor	Manifest	Implementation-Vendor	Eclipse Jetty Project	High
Vendor	Manifest	provide-capability	osgi.serviceloader;osgi.serviceloader="org.eclipse.jetty.http.HttpFieldPreEncoder"	Low
Vendor	Manifest	url	https://jetty.org/	Low
Vendor	pom	artifactid	jetty-http	Low
Vendor	pom	groupid	org.eclipse.jetty	Highest
Vendor	pom	name	Jetty :: Http Utility	High
Vendor	pom	parent-artifactid	jetty-project	Low
Product	file	name	jetty-http	High
Product	jar	package name	eclipse	Highest
Product	jar	package name	http	Highest
Product	jar	package name	httpfieldpreencoder	Highest
Product	jar	package name	jetty	Highest
Product	Manifest	automatic-module-name	org.eclipse.jetty.http	Medium
Product	Manifest	build-jdk-spec	17	Low
Product	Manifest	bundle-copyright	Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others.	Low
Product	Manifest	bundle-docurl	https://jetty.org/	Low
Product	Manifest	Bundle-Name	Jetty :: Http Utility	Medium
Product	Manifest	bundle-requiredexecutionenvironment	JavaSE-1.8	Low
Product	Manifest	bundle-symbolicname	org.eclipse.jetty.http	Medium
Product	Manifest	provide-capability	osgi.serviceloader;osgi.serviceloader="org.eclipse.jetty.http.HttpFieldPreEncoder"	Low
Product	Manifest	url	https://jetty.org/	Low
Product	pom	artifactid	jetty-http	Highest
Product	pom	groupid	org.eclipse.jetty	Highest
Product	pom	name	Jetty :: Http Utility	High
Product	pom	parent-artifactid	jetty-project	Medium
Version	file	version	9.4.58.v20250814	High
Version	Manifest	Bundle-Version	9.4.58.v20250814	High
Version	Manifest	Implementation-Version	9.4.58.v20250814	High
Version	pom	version	9.4.58.v20250814	Highest

Identifiers

pkg:maven/org.eclipse.jetty/jetty-http@9.4.58.v20250814 (Confidence:High)
cpe:2.3:a:eclipse:jetty:9.4.58:20250814:*:*:*:*:*:* (Confidence:Highest)
cpe:2.3:a:jetty:jetty:9.4.58:20250814:*:*:*:*:*:* (Confidence:Highest)
cpe:2.3:a:mortbay_jetty:jetty:9.4.58:20250814:*:*:*:*:*:* (Confidence:Highest)

Published Vulnerabilities

CVE-2024-6763 (OSSINDEX)

Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.

The HttpURI class does insufficient validation on the authority segment of a URI.  However the behaviour of HttpURI
 differs from the common browsers in how it handles a URI that would be 
considered invalid if fully validated against the RRC.  Specifically HttpURI
 and the browser may differ on the value of the host extracted from an 
invalid URI and thus a combination of Jetty and a vulnerable browser may
 be vulnerable to a open redirect attack or to a SSRF attack if the URI 
is used after passing validation checks.

CWE-1286 Improper Validation of Syntactic Correctness of Input

CVSSv3:

Base Score: MEDIUM (5.300000190734863)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

References:

OSSINDEX - [CVE-2024-6763] CWE-1286 CWE-Other
OSSIndex - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-6763
OSSIndex - https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh

Vulnerable Software & Versions (OSSINDEX):

cpe:2.3:a:org.eclipse.jetty:jetty-http:9.4.58.v20250814:*:*:*:*:*:*:*

jetty-io-9.4.58.v20250814.jar

Description:

Jetty module for Jetty :: IO Utility

License:

http://www.apache.org/licenses/LICENSE-2.0, https://www.eclipse.org/org/documents/epl-v10.php

File Path: /home/runner/.m2/repository/org/eclipse/jetty/jetty-io/9.4.58.v20250814/jetty-io-9.4.58.v20250814.jar
MD5: e0a82e5c51fbecba26a129c886be9c1b
SHA1: e198dae4d91fa79d9c1e2e039870d49c487c45cf
SHA256:f55b2cc7c05244fd7b1773e99979b740002b0186e45b8a688243d89c7006fe21

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jetty-io	High
Vendor	jar	package name	eclipse	Highest
Vendor	jar	package name	io	Highest
Vendor	jar	package name	jetty	Highest
Vendor	Manifest	automatic-module-name	org.eclipse.jetty.io	Medium
Vendor	Manifest	build-jdk-spec	17	Low
Vendor	Manifest	bundle-copyright	Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others.	Low
Vendor	Manifest	bundle-docurl	https://jetty.org/	Low
Vendor	Manifest	bundle-requiredexecutionenvironment	JavaSE-1.8	Low
Vendor	Manifest	bundle-symbolicname	org.eclipse.jetty.io	Medium
Vendor	Manifest	Implementation-Vendor	Eclipse Jetty Project	High
Vendor	Manifest	url	https://jetty.org/	Low
Vendor	pom	artifactid	jetty-io	Low
Vendor	pom	groupid	org.eclipse.jetty	Highest
Vendor	pom	name	Jetty :: IO Utility	High
Vendor	pom	parent-artifactid	jetty-project	Low
Product	file	name	jetty-io	High
Product	jar	package name	eclipse	Highest
Product	jar	package name	io	Highest
Product	jar	package name	jetty	Highest
Product	Manifest	automatic-module-name	org.eclipse.jetty.io	Medium
Product	Manifest	build-jdk-spec	17	Low
Product	Manifest	bundle-copyright	Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others.	Low
Product	Manifest	bundle-docurl	https://jetty.org/	Low
Product	Manifest	Bundle-Name	Jetty :: IO Utility	Medium
Product	Manifest	bundle-requiredexecutionenvironment	JavaSE-1.8	Low
Product	Manifest	bundle-symbolicname	org.eclipse.jetty.io	Medium
Product	Manifest	url	https://jetty.org/	Low
Product	pom	artifactid	jetty-io	Highest
Product	pom	groupid	org.eclipse.jetty	Highest
Product	pom	name	Jetty :: IO Utility	High
Product	pom	parent-artifactid	jetty-project	Medium
Version	file	version	9.4.58.v20250814	High
Version	Manifest	Bundle-Version	9.4.58.v20250814	High
Version	Manifest	Implementation-Version	9.4.58.v20250814	High
Version	pom	version	9.4.58.v20250814	Highest

Related Dependencies

Identifiers

pkg:maven/org.eclipse.jetty/jetty-io@9.4.58.v20250814 (Confidence:High)
cpe:2.3:a:eclipse:jetty:9.4.58:20250814:*:*:*:*:*:* (Confidence:Highest)
cpe:2.3:a:jetty:jetty:9.4.58:20250814:*:*:*:*:*:* (Confidence:Highest)
cpe:2.3:a:mortbay_jetty:jetty:9.4.58:20250814:*:*:*:*:*:* (Confidence:Highest)

jul-to-slf4j-2.0.17.jar

Description:

JUL to SLF4J bridge

License:

https://opensource.org/license/mit

File Path: /home/runner/.m2/repository/org/slf4j/jul-to-slf4j/2.0.17/jul-to-slf4j-2.0.17.jar
MD5: a42936c56611e4794c42908fb3d3a647
SHA1: 524cb6ccc2b68a57604750e1ab8b13b5a786a6aa
SHA256:a7afcd23b9cfd1475e55c94f943b808c5922035e7e2c2a5c65a487a4106bc538

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jul-to-slf4j	High
Vendor	jar	package name	bridge	Highest
Vendor	jar	package name	slf4j	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	http://www.slf4j.org	Low
Vendor	Manifest	bundle-symbolicname	jul.to.slf4j	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	pom	artifactid	jul-to-slf4j	Low
Vendor	pom	groupid	org.slf4j	Highest
Vendor	pom	name	JUL to SLF4J bridge	High
Vendor	pom	parent-artifactid	slf4j-parent	Low
Vendor	pom	url	http://www.slf4j.org	Highest
Product	file	name	jul-to-slf4j	High
Product	jar	package name	bridge	Highest
Product	jar	package name	slf4j	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	http://www.slf4j.org	Low
Product	Manifest	Bundle-Name	JUL to SLF4J bridge	Medium
Product	Manifest	bundle-symbolicname	jul.to.slf4j	Medium
Product	Manifest	Implementation-Title	jul-to-slf4j	High
Product	Manifest	multi-release	true	Low
Product	pom	artifactid	jul-to-slf4j	Highest
Product	pom	groupid	org.slf4j	Highest
Product	pom	name	JUL to SLF4J bridge	High
Product	pom	parent-artifactid	slf4j-parent	Medium
Product	pom	url	http://www.slf4j.org	Medium
Version	file	version	2.0.17	High
Version	Manifest	Bundle-Version	2.0.17	High
Version	Manifest	Implementation-Version	2.0.17	High
Version	pom	version	2.0.17	Highest

Identifiers

pkg:maven/org.slf4j/jul-to-slf4j@2.0.17 (Confidence:High)

linked-1.3.0.jar

Description:

Efficient ordered map and set.

License:

Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html

File Path: /home/runner/.m2/repository/frankiesardo/linked/1.3.0/linked-1.3.0.jar
MD5: 116a0e136ec5951eaede8a50d08d2617
SHA1: a9e0a8b3fb028b91b6d46305c629dacd63857e9e
SHA256:f952b1d95a5f5cc105ac8ff96656dd12540d5ea28e31f68e101778820f204d3a

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	linked	High
Vendor	pom	artifactid	linked	Low
Vendor	pom	groupid	frankiesardo	Highest
Vendor	pom	name	linked	High
Vendor	pom	url	frankiesardo/linked	Highest
Product	file	name	linked	High
Product	pom	artifactid	linked	Highest
Product	pom	groupid	frankiesardo	Highest
Product	pom	name	linked	High
Product	pom	url	frankiesardo/linked	High
Version	file	version	1.3.0	High
Version	pom	version	1.3.0	Highest

Identifiers

pkg:maven/frankiesardo/linked@1.3.0 (Confidence:High)

log4j-over-slf4j-2.0.17.jar

Description:

Log4j implemented over SLF4J

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/org/slf4j/log4j-over-slf4j/2.0.17/log4j-over-slf4j-2.0.17.jar
MD5: ec3cf11fe022ffd852ab84e9b8b69a96
SHA1: 55e55c79a0b89ccc9e411049005c02b7514e0cf9
SHA256:cbf30eaf95357ab7babf9be123da9cc702f0fe83b23392b7a62589d60b5862d1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	log4j-over-slf4j	High
Vendor	jar	package name	log4j	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	http://www.slf4j.org	Low
Vendor	Manifest	bundle-symbolicname	log4j.over.slf4j	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	pom	artifactid	log4j-over-slf4j	Low
Vendor	pom	groupid	org.slf4j	Highest
Vendor	pom	name	Log4j Implemented Over SLF4J	High
Vendor	pom	parent-artifactid	slf4j-parent	Low
Vendor	pom	url	http://www.slf4j.org	Highest
Product	file	name	log4j-over-slf4j	High
Product	jar	package name	log4j	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	http://www.slf4j.org	Low
Product	Manifest	Bundle-Name	Log4j Implemented Over SLF4J	Medium
Product	Manifest	bundle-symbolicname	log4j.over.slf4j	Medium
Product	Manifest	Implementation-Title	log4j-over-slf4j	High
Product	Manifest	multi-release	true	Low
Product	pom	artifactid	log4j-over-slf4j	Highest
Product	pom	groupid	org.slf4j	Highest
Product	pom	name	Log4j Implemented Over SLF4J	High
Product	pom	parent-artifactid	slf4j-parent	Medium
Product	pom	url	http://www.slf4j.org	Medium
Version	file	version	2.0.17	High
Version	Manifest	Bundle-Version	2.0.17	High
Version	Manifest	Implementation-Version	2.0.17	High
Version	pom	version	2.0.17	Highest

Identifiers

pkg:maven/org.slf4j/log4j-over-slf4j@2.0.17 (Confidence:High)

logback-core-1.5.18.jar

Description:

logback-core module

License:

http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html

File Path: /home/runner/.m2/repository/ch/qos/logback/logback-core/1.5.18/logback-core-1.5.18.jar
MD5: 10bcea83842beead15f072799b9c923d
SHA1: 6c0375624f6f36b4e089e2488ba21334a11ef13f
SHA256:85139e7b57b464f8e5e36326dd81317648bed199ccc4f98cd42585f8d7571027

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	logback-core	High
Vendor	jar	package name	ch	Highest
Vendor	jar	package name	core	Highest
Vendor	jar	package name	logback	Highest
Vendor	jar	package name	qos	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	http://www.qos.ch	Low
Vendor	Manifest	bundle-symbolicname	ch.qos.logback.core	Medium
Vendor	Manifest	Implementation-Vendor	QOS.ch	High
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	originally-created-by	Apache Maven Bundle Plugin 5.1.9	Low
Vendor	Manifest	specification-vendor	QOS.ch	Low
Vendor	pom	artifactid	logback-core	Low
Vendor	pom	groupid	ch.qos.logback	Highest
Vendor	pom	name	Logback Core Module	High
Vendor	pom	parent-artifactid	logback-parent	Low
Product	file	name	logback-core	High
Product	jar	package name	21	Highest
Product	jar	package name	ch	Highest
Product	jar	package name	core	Highest
Product	jar	package name	logback	Highest
Product	jar	package name	qos	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	http://www.qos.ch	Low
Product	Manifest	Bundle-Name	Logback Core Module	Medium
Product	Manifest	bundle-symbolicname	ch.qos.logback.core	Medium
Product	Manifest	Implementation-Title	Logback Core Module	High
Product	Manifest	multi-release	true	Low
Product	Manifest	originally-created-by	Apache Maven Bundle Plugin 5.1.9	Low
Product	Manifest	specification-title	Logback Core Module	Medium
Product	pom	artifactid	logback-core	Highest
Product	pom	groupid	ch.qos.logback	Highest
Product	pom	name	Logback Core Module	High
Product	pom	parent-artifactid	logback-parent	Medium
Version	file	version	1.5.18	High
Version	Manifest	Bundle-Version	1.5.18	High
Version	Manifest	Implementation-Version	1.5.18	High
Version	pom	version	1.5.18	Highest

Related Dependencies

Identifiers

pkg:maven/ch.qos.logback/logback-core@1.5.18 (Confidence:High)
cpe:2.3:a:qos:logback:1.5.18:*:*:*:*:*:*:* (Confidence:Highest)

markov-chains-0.1.1.jar

Description:

A library (and application examples) of stochastic discrete-time Markov Chains (DTMC) in Clojure

License:

The MIT License (MIT): http://opensource.org/licenses/MIT

File Path: /home/runner/.m2/repository/rm-hull/markov-chains/0.1.1/markov-chains-0.1.1.jar
MD5: fe09104ac559adb0da1367b904ce70b7
SHA1: 3fd0d4c4dc53345b1c55f764f27fe157f792d69b
SHA256:441c1da2d134e2ba63d4efbe706f58704edd5cfeb28cd1641c213e04b18bac4f

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	markov-chains	High
Vendor	pom	artifactid	markov-chains	Low
Vendor	pom	groupid	rm-hull	Highest
Vendor	pom	name	markov-chains	High
Vendor	pom	url	rm-hull/markov-chains	Highest
Product	file	name	markov-chains	High
Product	pom	artifactid	markov-chains	Highest
Product	pom	groupid	rm-hull	Highest
Product	pom	name	markov-chains	High
Product	pom	url	rm-hull/markov-chains	High
Version	file	version	0.1.1	High
Version	pom	version	0.1.1	Highest

Identifiers

pkg:maven/rm-hull/markov-chains@0.1.1 (Confidence:High)

mount-0.1.23.jar

Description:

managing Clojure and ClojureScript app state since (reset)

License:

Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html

File Path: /home/runner/.m2/repository/mount/mount/0.1.23/mount-0.1.23.jar
MD5: e05e8dfcf58c72d3076f4a445b4dcba4
SHA1: 8d25e82c18c07d90a365dbab7abc9ac88d464f58
SHA256:cf71918bc8e44098d9b58a962a9d7a52d38dd1e92fb9149d347aaf35e54a82be

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	mount	High
Vendor	pom	artifactid	mount	Low
Vendor	pom	developer name	tolitius	Medium
Vendor	pom	groupid	mount	Highest
Vendor	pom	name	mount	High
Vendor	pom	url	tolitius/mount	Highest
Product	file	name	mount	High
Product	pom	artifactid	mount	Highest
Product	pom	developer name	tolitius	Low
Product	pom	groupid	mount	Highest
Product	pom	name	mount	High
Product	pom	url	tolitius/mount	High
Version	file	version	0.1.23	High
Version	pom	version	0.1.23	Highest

Identifiers

pkg:maven/mount/mount@0.1.23 (Confidence:High)

slash-0.6.1-SNAPSHOT.jar

Description:

A library for handling and routing Discord interactions

License:

MIT License: https://mit-license.org

File Path: /home/runner/.m2/repository/com/github/johnnyjayjay/slash/0.6.1-SNAPSHOT/slash-0.6.1-SNAPSHOT.jar
MD5: 767b85763ca68091a9adfb2077b92aae
SHA1: 066e8d320d1c1c713b54df2fd4944ada4a2fe3eb
SHA256:4df07f01e439471f46fbe43dc4bf189fdd27c492177b5d1d222b8c9895d11797

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	slash	High
Vendor	Manifest	leiningen-project-artifactid	slash	Low
Vendor	pom	artifactid	slash	Low
Vendor	pom	groupid	com.github.johnnyjayjay	Highest
Vendor	pom	name	slash	High
Vendor	pom	url	JohnnyJayJay/slash	Highest
Product	file	name	slash	High
Product	Manifest	leiningen-project-artifactid	slash	Low
Product	pom	artifactid	slash	Highest
Product	pom	groupid	com.github.johnnyjayjay	Highest
Product	pom	name	slash	High
Product	pom	url	JohnnyJayJay/slash	High
Version	Manifest	leiningen-project-version	0.6.1-SNAPSHOT	Medium
Version	pom	version	0.6.1-SNAPSHOT	Highest

Identifiers

pkg:maven/com.github.johnnyjayjay/slash@0.6.1-SNAPSHOT (Confidence:High)

slf4j-api-2.0.17.jar

Description:

The slf4j API

License:

https://opensource.org/license/mit

File Path: /home/runner/.m2/repository/org/slf4j/slf4j-api/2.0.17/slf4j-api-2.0.17.jar
MD5: b6480d114a23683498ac3f746f959d2f
SHA1: d9e58ac9c7779ba3bf8142aff6c830617a7fe60f
SHA256:7b751d952061954d5abfed7181c1f645d336091b679891591d63329c622eb832

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	slf4j-api	High
Vendor	jar	package name	slf4j	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	http://www.slf4j.org	Low
Vendor	Manifest	bundle-symbolicname	slf4j.api	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	pom	artifactid	slf4j-api	Low
Vendor	pom	groupid	org.slf4j	Highest
Vendor	pom	name	SLF4J API Module	High
Vendor	pom	parent-artifactid	slf4j-parent	Low
Vendor	pom	url	http://www.slf4j.org	Highest
Product	file	name	slf4j-api	High
Product	jar	package name	slf4j	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	http://www.slf4j.org	Low
Product	Manifest	Bundle-Name	SLF4J API Module	Medium
Product	Manifest	bundle-symbolicname	slf4j.api	Medium
Product	Manifest	Implementation-Title	slf4j-api	High
Product	Manifest	multi-release	true	Low
Product	pom	artifactid	slf4j-api	Highest
Product	pom	groupid	org.slf4j	Highest
Product	pom	name	SLF4J API Module	High
Product	pom	parent-artifactid	slf4j-parent	Medium
Product	pom	url	http://www.slf4j.org	Medium
Version	file	version	2.0.17	High
Version	Manifest	Bundle-Version	2.0.17	High
Version	Manifest	Implementation-Version	2.0.17	High
Version	pom	version	2.0.17	Highest

Identifiers

pkg:maven/org.slf4j/slf4j-api@2.0.17 (Confidence:High)

spec.alpha-0.5.238.jar

Description:

Specification of data and functions

License:

Eclipse Public License 1.0: https://opensource.org/license/epl-1-0/

File Path: /home/runner/.m2/repository/org/clojure/spec.alpha/0.5.238/spec.alpha-0.5.238.jar
MD5: 9f5ea5239dc04d6a8115add1e4f5f23a
SHA1: 4eb5dea521c4e6e1f68c2c47517f14a922003e60
SHA256:94cd99b6ea639641f37af4860a643b6ed399ee5a8be5d717cff0b663c8d75077

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	spec.alpha	High
Vendor	jar	package name	alpha	Highest
Vendor	jar	package name	clojure	Highest
Vendor	jar	package name	clojure	Low
Vendor	jar	package name	spec	Highest
Vendor	jar	package name	spec	Low
Vendor	pom	artifactid	spec.alpha	Low
Vendor	pom	developer id	richhickey	Medium
Vendor	pom	developer name	Rich Hickey	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	spec.alpha	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Product	file	name	spec.alpha	High
Product	jar	package name	alpha	Highest
Product	jar	package name	clojure	Highest
Product	jar	package name	spec	Highest
Product	jar	package name	spec	Low
Product	pom	artifactid	spec.alpha	Highest
Product	pom	developer id	richhickey	Low
Product	pom	developer name	Rich Hickey	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	spec.alpha	High
Product	pom	parent-artifactid	pom.contrib	Medium
Version	file	version	0.5.238	High
Version	pom	parent-version	0.5.238	Low
Version	pom	version	0.5.238	Highest

Identifiers

pkg:maven/org.clojure/spec.alpha@0.5.238 (Confidence:High)

spinner-2.0.284.jar

Description:

Simple ANSI text progress indicators for command line Clojure apps.

License:

MPL-2.0: https://www.mozilla.org/en-US/MPL/2.0/

File Path: /home/runner/.m2/repository/com/github/pmonks/spinner/2.0.284/spinner-2.0.284.jar
MD5: a99bb74e41ec96c90d9feee9a397214d
SHA1: 12685dd773305aecbae106da034f067c1f8a6fe2
SHA256:0964c3cb751c2c5c5c51e62d4241eab58d892bb11ff9c2d626e8ee52d2593930

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	spinner	High
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	pom	artifactid	spinner	Low
Vendor	pom	developer email	pmonks+spinner@gmail.com	Low
Vendor	pom	developer id	pmonks	Medium
Vendor	pom	developer name	Peter Monks	Medium
Vendor	pom	groupid	com.github.pmonks	Highest
Vendor	pom	name	spinner	High
Vendor	pom	url	pmonks/spinner	Highest
Product	file	name	spinner	High
Product	Manifest	build-jdk-spec	21	Low
Product	pom	artifactid	spinner	Highest
Product	pom	developer email	pmonks+spinner@gmail.com	Low
Product	pom	developer id	pmonks	Low
Product	pom	developer name	Peter Monks	Low
Product	pom	groupid	com.github.pmonks	Highest
Product	pom	name	spinner	High
Product	pom	url	pmonks/spinner	High
Version	file	version	2.0.284	High
Version	pom	version	2.0.284	Highest

Identifiers

pkg:maven/com.github.pmonks/spinner@2.0.284 (Confidence:High)

tigris-0.1.2.jar

Description:

Stream-to-stream JSON string encoding

License:

Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html

File Path: /home/runner/.m2/repository/tigris/tigris/0.1.2/tigris-0.1.2.jar
MD5: 5f33b5d6ca167cc92fb782b7d876262c
SHA1: a122db758561d995a83cbb40f252b64d8b0f506e
SHA256:49aa648edb6c14e57095a11b391eaee606578323fb79755f92331ac6300f97a0

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	tigris	High
Vendor	jar	package name	tigris	Highest
Vendor	jar	package name	tigris	Low
Vendor	jar	package name	writequit	Low
Vendor	pom	artifactid	tigris	Low
Vendor	pom	groupid	tigris	Highest
Vendor	pom	name	tigris	High
Vendor	pom	url	dakrone/tigris	Highest
Product	file	name	tigris	High
Product	jar	package name	jsonstringescapinginputstream	Low
Product	jar	package name	tigris	Highest
Product	jar	package name	tigris	Low
Product	pom	artifactid	tigris	Highest
Product	pom	groupid	tigris	Highest
Product	pom	name	tigris	High
Product	pom	url	dakrone/tigris	High
Version	file	version	0.1.2	High
Version	pom	version	0.1.2	Highest

Identifiers

pkg:maven/tigris/tigris@0.1.2 (Confidence:High)

tools.analyzer-1.2.0.jar

Description:

An analyzer for Clojure code, written in Clojure and producing AST in EDN

File Path: /home/runner/.m2/repository/org/clojure/tools.analyzer/1.2.0/tools.analyzer-1.2.0.jar
MD5: ddc1a592cfc5ce14a2b848c7523e81d4
SHA1: c74b1c275ff3fc505b1e13dd0fe85c83e8aa202c
SHA256:7801a5a7ef4fd77f560c30a638594447c3aa71ee78b7f088553b7919bd0033bb

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	tools.analyzer	High
Vendor	pom	artifactid	tools.analyzer	Low
Vendor	pom	developer id	bronsa	Medium
Vendor	pom	developer name	Nicola Mometto	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	tools.analyzer	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Product	file	name	tools.analyzer	High
Product	pom	artifactid	tools.analyzer	Highest
Product	pom	developer id	bronsa	Low
Product	pom	developer name	Nicola Mometto	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	tools.analyzer	High
Product	pom	parent-artifactid	pom.contrib	Medium
Version	file	version	1.2.0	High
Version	pom	version	1.2.0	Highest

Identifiers

pkg:maven/org.clojure/tools.analyzer@1.2.0 (Confidence:High)

tools.analyzer.jvm-1.3.2.jar

Description:

Additional jvm-specific passes for tools.analyzer

File Path: /home/runner/.m2/repository/org/clojure/tools.analyzer.jvm/1.3.2/tools.analyzer.jvm-1.3.2.jar
MD5: 9e5a388bc9ef6f9ab6e3643df0cb45a5
SHA1: 0cf3cb32a9c0d5292645c8ba760f5e502fa0125e
SHA256:d8a2d59205a21281f305f3d5439ffc302182c307f9be962a76ce814a6620693d

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	tools.analyzer.jvm	High
Vendor	pom	artifactid	tools.analyzer.jvm	Low
Vendor	pom	developer id	bronsa	Medium
Vendor	pom	developer name	Nicola Mometto	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	tools.analyzer.jvm	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Product	file	name	tools.analyzer.jvm	High
Product	pom	artifactid	tools.analyzer.jvm	Highest
Product	pom	developer id	bronsa	Low
Product	pom	developer name	Nicola Mometto	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	tools.analyzer.jvm	High
Product	pom	parent-artifactid	pom.contrib	Medium
Version	file	version	1.3.2	High
Version	pom	parent-version	1.3.2	Low
Version	pom	version	1.3.2	Highest

Identifiers

pkg:maven/org.clojure/tools.analyzer.jvm@1.3.2 (Confidence:High)

tools.cli-1.1.230.jar

File Path: /home/runner/.m2/repository/org/clojure/tools.cli/1.1.230/tools.cli-1.1.230.jar
MD5: 6be3fc082558e75e13151c4e7b86897c
SHA1: 239281e05dcd94d93cacbbd6187b6e8698fd18df
SHA256:916630b539a43ff468b4dd016c62857e2b4cb5da6686f1297587cdd43ca102cd

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	tools.cli	High
Vendor	pom	artifactid	tools.cli	Low
Vendor	pom	developer name	Gareth Jones	Medium
Vendor	pom	developer name	Sean Corfield	Medium
Vendor	pom	developer name	Sung Pae	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	tools.cli	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Product	file	name	tools.cli	High
Product	pom	artifactid	tools.cli	Highest
Product	pom	developer name	Gareth Jones	Low
Product	pom	developer name	Sean Corfield	Low
Product	pom	developer name	Sung Pae	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	tools.cli	High
Product	pom	parent-artifactid	pom.contrib	Medium
Version	file	version	1.1.230	High
Version	pom	parent-version	1.1.230	Low
Version	pom	version	1.1.230	Highest

Identifiers

pkg:maven/org.clojure/tools.cli@1.1.230 (Confidence:High)

tools.logging-1.3.0.jar

File Path: /home/runner/.m2/repository/org/clojure/tools.logging/1.3.0/tools.logging-1.3.0.jar
MD5: b6b3c2ffeb27a25eab2d6e0e3a6e6b57
SHA1: 07d45477c1b61230b0d1fcf36afccc02155a4b32
SHA256:826969b78d9ada327de6b7da0f176457d95614fa38c280326610f31a6b515c91

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	tools.logging	High
Vendor	pom	artifactid	tools.logging	Low
Vendor	pom	developer name	Alex Taggart	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	tools.logging	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Product	file	name	tools.logging	High
Product	pom	artifactid	tools.logging	Highest
Product	pom	developer name	Alex Taggart	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	tools.logging	High
Product	pom	parent-artifactid	pom.contrib	Medium
Version	file	version	1.3.0	High
Version	pom	parent-version	1.3.0	Low
Version	pom	version	1.3.0	Highest

Identifiers

pkg:maven/org.clojure/tools.logging@1.3.0 (Confidence:High)
cpe:2.3:a:alex_project:alex:1.3.0:*:*:*:*:*:*:* (Confidence:Low)

tools.reader-1.5.0.jar

Description:

A Clojure reader in Clojure

License:

Eclipse Public License 1.0: https://opensource.org/license/epl-1-0/

File Path: /home/runner/.m2/repository/org/clojure/tools.reader/1.5.0/tools.reader-1.5.0.jar
MD5: 90aeb9ddb25d485920ff3fd248315d54
SHA1: 4149c49bec1f3614f76b13c0a81797cfabef112e
SHA256:bfc8f709efb843f2ccc4daa93e2842ceb86e7b8d11d5544dc0ee68b6a0f4db3c

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	tools.reader	High
Vendor	pom	artifactid	tools.reader	Low
Vendor	pom	developer id	Bronsa	Medium
Vendor	pom	developer name	Nicola Mometto	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	tools.reader	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Vendor	pom	url	clojure/tools.reader	Highest
Product	file	name	tools.reader	High
Product	pom	artifactid	tools.reader	Highest
Product	pom	developer id	Bronsa	Low
Product	pom	developer name	Nicola Mometto	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	tools.reader	High
Product	pom	parent-artifactid	pom.contrib	Medium
Product	pom	url	clojure/tools.reader	High
Version	file	version	1.5.0	High
Version	pom	parent-version	1.5.0	Low
Version	pom	version	1.5.0	Highest

Identifiers

pkg:maven/org.clojure/tools.reader@1.5.0 (Confidence:High)

websocket-api-9.4.58.v20250814.jar

Description:

Jetty module for Jetty :: Websocket :: API

License:

http://www.apache.org/licenses/LICENSE-2.0, https://www.eclipse.org/org/documents/epl-v10.php

File Path: /home/runner/.m2/repository/org/eclipse/jetty/websocket/websocket-api/9.4.58.v20250814/websocket-api-9.4.58.v20250814.jar
MD5: 9e727b200ea070b382dab0522f366510
SHA1: 8375bc732739de33bbe164989d37576762eaa38d
SHA256:213d146065ebf2cbfa8a9c06b4cdfe79f94c0af3f93c15d9e67c0e3af015067f

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	websocket-api	High
Vendor	jar	package name	api	Highest
Vendor	jar	package name	eclipse	Highest
Vendor	jar	package name	jetty	Highest
Vendor	jar	package name	websocket	Highest
Vendor	Manifest	automatic-module-name	org.eclipse.jetty.websocket.api	Medium
Vendor	Manifest	build-jdk-spec	17	Low
Vendor	Manifest	bundle-copyright	Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others.	Low
Vendor	Manifest	bundle-docurl	https://jetty.org/	Low
Vendor	Manifest	bundle-requiredexecutionenvironment	JavaSE-1.8	Low
Vendor	Manifest	bundle-symbolicname	org.eclipse.jetty.websocket.api	Medium
Vendor	Manifest	Implementation-Vendor	Eclipse Jetty Project	High
Vendor	Manifest	url	https://jetty.org/	Low
Vendor	pom	artifactid	websocket-api	Low
Vendor	pom	groupid	org.eclipse.jetty.websocket	Highest
Vendor	pom	name	Jetty :: Websocket :: API	High
Vendor	pom	parent-artifactid	websocket-parent	Low
Product	file	name	websocket-api	High
Product	jar	package name	api	Highest
Product	jar	package name	eclipse	Highest
Product	jar	package name	jetty	Highest
Product	jar	package name	websocket	Highest
Product	Manifest	automatic-module-name	org.eclipse.jetty.websocket.api	Medium
Product	Manifest	build-jdk-spec	17	Low
Product	Manifest	bundle-copyright	Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others.	Low
Product	Manifest	bundle-docurl	https://jetty.org/	Low
Product	Manifest	Bundle-Name	Jetty :: Websocket :: API	Medium
Product	Manifest	bundle-requiredexecutionenvironment	JavaSE-1.8	Low
Product	Manifest	bundle-symbolicname	org.eclipse.jetty.websocket.api	Medium
Product	Manifest	url	https://jetty.org/	Low
Product	pom	artifactid	websocket-api	Highest
Product	pom	groupid	org.eclipse.jetty.websocket	Highest
Product	pom	name	Jetty :: Websocket :: API	High
Product	pom	parent-artifactid	websocket-parent	Medium
Version	file	version	9.4.58.v20250814	High
Version	Manifest	Bundle-Version	9.4.58.v20250814	High
Version	Manifest	Implementation-Version	9.4.58.v20250814	High
Version	pom	version	9.4.58.v20250814	Highest

Identifiers

pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.58.v20250814 (Confidence:High)
cpe:2.3:a:mortbay_jetty:jetty:9.4.58:20250814:*:*:*:*:*:* (Confidence:Highest)

websocket-client-9.4.58.v20250814.jar

Description:

Jetty module for Jetty :: Websocket :: Client

License:

http://www.apache.org/licenses/LICENSE-2.0, https://www.eclipse.org/org/documents/epl-v10.php

File Path: /home/runner/.m2/repository/org/eclipse/jetty/websocket/websocket-client/9.4.58.v20250814/websocket-client-9.4.58.v20250814.jar
MD5: 0e6e61895792fcba7584a46b45995b2d
SHA1: def27af0dc52086738483191761bd8edd08ff625
SHA256:fdb8648fb1139ab001c8d5ebc4f3ab5baf007f48bd86ec2969c504ac3011f878

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	websocket-client	High
Vendor	jar	package name	client	Highest
Vendor	jar	package name	eclipse	Highest
Vendor	jar	package name	jetty	Highest
Vendor	jar	package name	websocket	Highest
Vendor	Manifest	automatic-module-name	org.eclipse.jetty.websocket.client	Medium
Vendor	Manifest	build-jdk-spec	17	Low
Vendor	Manifest	bundle-copyright	Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others.	Low
Vendor	Manifest	bundle-docurl	https://jetty.org/	Low
Vendor	Manifest	bundle-requiredexecutionenvironment	JavaSE-1.8	Low
Vendor	Manifest	bundle-symbolicname	org.eclipse.jetty.websocket.client	Medium
Vendor	Manifest	Implementation-Vendor	Eclipse Jetty Project	High
Vendor	Manifest	url	https://jetty.org/	Low
Vendor	pom	artifactid	websocket-client	Low
Vendor	pom	groupid	org.eclipse.jetty.websocket	Highest
Vendor	pom	name	Jetty :: Websocket :: Client	High
Vendor	pom	parent-artifactid	websocket-parent	Low
Product	file	name	websocket-client	High
Product	jar	package name	client	Highest
Product	jar	package name	eclipse	Highest
Product	jar	package name	jetty	Highest
Product	jar	package name	websocket	Highest
Product	Manifest	automatic-module-name	org.eclipse.jetty.websocket.client	Medium
Product	Manifest	build-jdk-spec	17	Low
Product	Manifest	bundle-copyright	Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others.	Low
Product	Manifest	bundle-docurl	https://jetty.org/	Low
Product	Manifest	Bundle-Name	Jetty :: Websocket :: Client	Medium
Product	Manifest	bundle-requiredexecutionenvironment	JavaSE-1.8	Low
Product	Manifest	bundle-symbolicname	org.eclipse.jetty.websocket.client	Medium
Product	Manifest	url	https://jetty.org/	Low
Product	pom	artifactid	websocket-client	Highest
Product	pom	groupid	org.eclipse.jetty.websocket	Highest
Product	pom	name	Jetty :: Websocket :: Client	High
Product	pom	parent-artifactid	websocket-parent	Medium
Version	file	version	9.4.58.v20250814	High
Version	Manifest	Bundle-Version	9.4.58.v20250814	High
Version	Manifest	Implementation-Version	9.4.58.v20250814	High
Version	pom	version	9.4.58.v20250814	Highest

Identifiers

pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.58.v20250814 (Confidence:High)
cpe:2.3:a:eclipse:jetty:9.4.58:20250814:*:*:*:*:*:* (Confidence:Highest)
cpe:2.3:a:jetty:jetty:9.4.58:20250814:*:*:*:*:*:* (Confidence:Highest)
cpe:2.3:a:mortbay_jetty:jetty:9.4.58:20250814:*:*:*:*:*:* (Confidence:Highest)

websocket-common-9.4.58.v20250814.jar

Description:

Jetty module for Jetty :: Websocket :: Common

License:

http://www.apache.org/licenses/LICENSE-2.0, https://www.eclipse.org/org/documents/epl-v10.php

File Path: /home/runner/.m2/repository/org/eclipse/jetty/websocket/websocket-common/9.4.58.v20250814/websocket-common-9.4.58.v20250814.jar
MD5: 3bd0ba23faeca12f9fa9015bd83598a3
SHA1: 35d5d3b947643920cfcf82f02d0c139a7c338c5a
SHA256:07c62b7ceaff2d7160aff98b912f28da9f2c66ed7adec972e39af5176afec1ae

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	websocket-common	High
Vendor	jar	package name	common	Highest
Vendor	jar	package name	eclipse	Highest
Vendor	jar	package name	jetty	Highest
Vendor	jar	package name	websocket	Highest
Vendor	Manifest	automatic-module-name	org.eclipse.jetty.websocket.common	Medium
Vendor	Manifest	build-jdk-spec	17	Low
Vendor	Manifest	bundle-copyright	Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others.	Low
Vendor	Manifest	bundle-docurl	https://jetty.org/	Low
Vendor	Manifest	bundle-requiredexecutionenvironment	JavaSE-1.8	Low
Vendor	Manifest	bundle-symbolicname	org.eclipse.jetty.websocket.common	Medium
Vendor	Manifest	Implementation-Vendor	Eclipse Jetty Project	High
Vendor	Manifest	provide-capability	osgi.serviceloader;osgi.serviceloader="org.eclipse.jetty.websocket.api.extensions.Extension"	Low
Vendor	Manifest	url	https://jetty.org/	Low
Vendor	pom	artifactid	websocket-common	Low
Vendor	pom	groupid	org.eclipse.jetty.websocket	Highest
Vendor	pom	name	Jetty :: Websocket :: Common	High
Vendor	pom	parent-artifactid	websocket-parent	Low
Product	file	name	websocket-common	High
Product	jar	package name	common	Highest
Product	jar	package name	eclipse	Highest
Product	jar	package name	jetty	Highest
Product	jar	package name	websocket	Highest
Product	Manifest	automatic-module-name	org.eclipse.jetty.websocket.common	Medium
Product	Manifest	build-jdk-spec	17	Low
Product	Manifest	bundle-copyright	Copyright (c) 2008-2022 Mort Bay Consulting Pty Ltd and others.	Low
Product	Manifest	bundle-docurl	https://jetty.org/	Low
Product	Manifest	Bundle-Name	Jetty :: Websocket :: Common	Medium
Product	Manifest	bundle-requiredexecutionenvironment	JavaSE-1.8	Low
Product	Manifest	bundle-symbolicname	org.eclipse.jetty.websocket.common	Medium
Product	Manifest	provide-capability	osgi.serviceloader;osgi.serviceloader="org.eclipse.jetty.websocket.api.extensions.Extension"	Low
Product	Manifest	url	https://jetty.org/	Low
Product	pom	artifactid	websocket-common	Highest
Product	pom	groupid	org.eclipse.jetty.websocket	Highest
Product	pom	name	Jetty :: Websocket :: Common	High
Product	pom	parent-artifactid	websocket-parent	Medium
Version	file	version	9.4.58.v20250814	High
Version	Manifest	Bundle-Version	9.4.58.v20250814	High
Version	Manifest	Implementation-Version	9.4.58.v20250814	High
Version	pom	version	9.4.58.v20250814	Highest

Identifiers

pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.58.v20250814 (Confidence:High)
cpe:2.3:a:eclipse:jetty:9.4.58:20250814:*:*:*:*:*:* (Confidence:Highest)
cpe:2.3:a:jetty:jetty:9.4.58:20250814:*:*:*:*:*:* (Confidence:Highest)
cpe:2.3:a:mortbay_jetty:jetty:9.4.58:20250814:*:*:*:*:*:* (Confidence:Highest)
cpe:2.3:a:websocket-extensions_project:websocket-extensions:9.4.58:20250814:*:*:*:*:*:* (Confidence:Low)

How to read the report | Suppressing false positives | Getting Help: github issues Sponsor

Project: com.github.pmonks/bvpbot 1.0.20250916

Summary

Dependencies (vulnerable)

aero-1.1.6.jar

Evidence

Identifiers

asm-9.2.jar

Evidence

Identifiers

camel-snake-kebab-0.4.3.jar

Evidence

Identifiers

cheshire-6.1.0.jar

Evidence

Identifiers

clj-2253-0.1.0.jar

Evidence

Identifiers

clj-wcwidth-1.0.125.jar

Evidence

Identifiers

clojure-1.12.2.jar

Evidence

Identifiers

clojure.java-time-1.4.3.jar

Evidence

Identifiers

commons-beanutils-1.11.0.jar

Evidence

Identifiers

commons-collections-3.2.2.jar

Evidence

Identifiers

commons-digester-2.1.jar

Evidence

Identifiers

commons-logging-1.3.5.jar

Evidence

Identifiers

commons-validator-1.10.0.jar

Evidence

Identifiers

core.async-1.8.741.jar

Evidence

Identifiers

core.cache-1.1.234.jar

Evidence

Identifiers

core.memoize-1.1.266.jar

Evidence

Identifiers

core.specs.alpha-0.4.74.jar

Evidence

Identifiers

data.json-2.3.1.jar

Evidence

Identifiers

data.priority-map-1.2.0.jar

Evidence

Identifiers

discljord-1.3.1.jar

Evidence

Identifiers

embroidery-1.0.44.jar

Evidence

Identifiers

gniazdo-1.2.2.jar

Evidence

Identifiers

hato-1.0.0.jar

Evidence

Identifiers

http-kit-2.8.1.jar

Evidence

Identifiers

jackson-core-2.20.0.jar

Evidence

Identifiers

jackson-dataformat-cbor-2.20.0.jar

How to read the report | Suppressing false positives | Getting Help: github issues

Sponsor