Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 12.1.0Report Generated On : Tue, 24 Jun 2025 03:22:10 GMTDependencies Scanned : 15 (15 unique)Vulnerable Dependencies : 1 Vulnerabilities Found : 1Vulnerabilities Suppressed : 0 ... NVD API Last Checked : 2025-06-24T03:22:01ZNVD API Last Modified : 2025-06-24T03:15:35ZSummary Display:
Showing Vulnerable Dependencies (click to show all) clojure-1.12.1.jarDescription:
Clojure core environment and runtime library. License:
Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php File Path: /home/runner/.m2/repository/org/clojure/clojure/1.12.1/clojure-1.12.1.jar
MD5: 8c3e8e01592478d8296140682a3c8bc5
SHA1: 9280a39f8342673eac582e8909fd4f46026bfd50
SHA256: 87eeea9e355d86c045738af494d683e09e914cb0467ae40d46a66b87a36c72d4
Evidence Type Source Name Value Confidence Vendor file name clojure High Vendor jar package name clojure Highest Vendor jar package name core Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid clojure Low Vendor pom developer email richhickey@gmail.com Low Vendor pom developer name Rich Hickey Medium Vendor pom groupid org.clojure Highest Vendor pom name clojure High Vendor pom url http://clojure.org/ Highest Product file name clojure High Product jar package name clojure Highest Product jar package name core Highest Product Manifest build-jdk-spec 1.8 Low Product pom artifactid clojure Highest Product pom developer email richhickey@gmail.com Low Product pom developer name Rich Hickey Low Product pom groupid org.clojure Highest Product pom name clojure High Product pom url http://clojure.org/ Medium Version file version 1.12.1 High Version pom version 1.12.1 Highest
commons-lang3-3.5.jarDescription:
Apache Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/commons/commons-lang3/3.5/commons-lang3-3.5.jar
MD5: 780b5a8b72eebe6d0dbff1c11b5658fa
SHA1: 6c6c702c89bfff3cd9e80b04d668c5e190d588c6
SHA256: 8ac96fc686512d777fca85e144f196cd7cfe0c0aec23127229497d1a38ff651c
Evidence Type Source Name Value Confidence Vendor file name commons-lang3 High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name lang3 Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-lang/ Low Vendor Manifest bundle-symbolicname org.apache.commons.lang3 Medium Vendor Manifest implementation-build release@r36f98d87b24c2f542b02abbf6ec1ee742f1b158b; 2016-10-13 19:52:17+0000 Low Vendor Manifest implementation-url http://commons.apache.org/proper/commons-lang/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-lang3 Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email britter@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email djones@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer email jcarman@apache.org Low Vendor pom developer email joerg.schaible@gmx.de Low Vendor pom developer email lguibert@apache.org Low Vendor pom developer email oheger@apache.org Low Vendor pom developer email pbenedict@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email scolebourne@joda.org Low Vendor pom developer email stevencaswell@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id britter Medium Vendor pom developer id chtompki Medium Vendor pom developer id djones Medium Vendor pom developer id dlr Medium Vendor pom developer id fredrik Medium Vendor pom developer id ggregory Medium Vendor pom developer id jcarman Medium Vendor pom developer id joehni Medium Vendor pom developer id lguibert Medium Vendor pom developer id mbenson Medium Vendor pom developer id niallp Medium Vendor pom developer id oheger Medium Vendor pom developer id pbenedict Medium Vendor pom developer id rdonkin Medium Vendor pom developer id scaswell Medium Vendor pom developer id scolebourne Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name Duncan Jones Medium Vendor pom developer name Fredrik Westermarck Medium Vendor pom developer name Gary D. Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Carman Medium Vendor pom developer name Joerg Schaible Medium Vendor pom developer name Loic Guibert Medium Vendor pom developer name Matt Benson Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Oliver Heger Medium Vendor pom developer name Paul Benedict Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer name Steven Caswell Medium Vendor pom developer org Carman Consulting, Inc. Medium Vendor pom developer org CollabNet, Inc. Medium Vendor pom developer org SITA ATS Ltd Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Lang High Vendor pom parent-artifactid commons-parent Low Vendor pom url http://commons.apache.org/proper/commons-lang/ Highest Product file name commons-lang3 High Product jar package name apache Highest Product jar package name commons Highest Product jar package name lang3 Highest Product Manifest bundle-docurl http://commons.apache.org/proper/commons-lang/ Low Product Manifest Bundle-Name Apache Commons Lang Medium Product Manifest bundle-symbolicname org.apache.commons.lang3 Medium Product Manifest implementation-build release@r36f98d87b24c2f542b02abbf6ec1ee742f1b158b; 2016-10-13 19:52:17+0000 Low Product Manifest Implementation-Title Apache Commons Lang High Product Manifest implementation-url http://commons.apache.org/proper/commons-lang/ Low Product Manifest specification-title Apache Commons Lang Medium Product pom artifactid commons-lang3 Highest Product pom developer email bayard@apache.org Low Product pom developer email britter@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email djones@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ggregory@apache.org Low Product pom developer email jcarman@apache.org Low Product pom developer email joerg.schaible@gmx.de Low Product pom developer email lguibert@apache.org Low Product pom developer email oheger@apache.org Low Product pom developer email pbenedict@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email scolebourne@joda.org Low Product pom developer email stevencaswell@apache.org Low Product pom developer id bayard Low Product pom developer id britter Low Product pom developer id chtompki Low Product pom developer id djones Low Product pom developer id dlr Low Product pom developer id fredrik Low Product pom developer id ggregory Low Product pom developer id jcarman Low Product pom developer id joehni Low Product pom developer id lguibert Low Product pom developer id mbenson Low Product pom developer id niallp Low Product pom developer id oheger Low Product pom developer id pbenedict Low Product pom developer id rdonkin Low Product pom developer id scaswell Low Product pom developer id scolebourne Low Product pom developer name Benedikt Ritter Low Product pom developer name Daniel Rall Low Product pom developer name Duncan Jones Low Product pom developer name Fredrik Westermarck Low Product pom developer name Gary D. Gregory Low Product pom developer name Henri Yandell Low Product pom developer name James Carman Low Product pom developer name Joerg Schaible Low Product pom developer name Loic Guibert Low Product pom developer name Matt Benson Low Product pom developer name Niall Pemberton Low Product pom developer name Oliver Heger Low Product pom developer name Paul Benedict Low Product pom developer name Rob Tompkins Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Stephen Colebourne Low Product pom developer name Steven Caswell Low Product pom developer org Carman Consulting, Inc. Low Product pom developer org CollabNet, Inc. Low Product pom developer org SITA ATS Ltd Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Lang High Product pom parent-artifactid commons-parent Medium Product pom url http://commons.apache.org/proper/commons-lang/ Medium Version file version 3.5 High Version Manifest Implementation-Version 3.5 High Version pom parent-version 3.5 Low Version pom version 3.5 Highest
core.specs.alpha-0.4.74.jarDescription:
Specs for clojure.core License:
Eclipse Public License 1.0: https://opensource.org/license/epl-1-0/ File Path: /home/runner/.m2/repository/org/clojure/core.specs.alpha/0.4.74/core.specs.alpha-0.4.74.jar
MD5: ebd37b9a3c39e6b769fc1463737cb8d4
SHA1: d56a8d4c666ff8140e6d0a62d41263134be39254
SHA256: eb73ac08cf49ba840c88ba67beef11336ca554333d9408808d78946e0feb9ddb
Evidence Type Source Name Value Confidence Vendor file name core.specs.alpha High Vendor pom artifactid core.specs.alpha Low Vendor pom developer id puredanger Medium Vendor pom developer name Alex Miller Medium Vendor pom groupid org.clojure Highest Vendor pom name core.specs.alpha High Vendor pom parent-artifactid pom.contrib Low Product file name core.specs.alpha High Product pom artifactid core.specs.alpha Highest Product pom developer id puredanger Low Product pom developer name Alex Miller Low Product pom groupid org.clojure Highest Product pom name core.specs.alpha High Product pom parent-artifactid pom.contrib Medium Version file version 0.4.74 High Version pom parent-version 0.4.74 Low Version pom version 0.4.74 Highest
gson-2.8.9.jarDescription:
Gson JSON library License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/code/gson/gson/2.8.9/gson-2.8.9.jar
MD5: e67627f67e03301092dc7de0a2d7cef8
SHA1: 8a432c1d6825781e21a02db2e2c33c5fde2833b9
SHA256: d3999291855de495c94c743761b8ab5176cfeabe281a5ab0d8e8d45326fd703e
Evidence Type Source Name Value Confidence Vendor file name gson High Vendor jar package name google Highest Vendor jar package name gson Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-contactaddress https://github.com/google/gson Low Vendor Manifest bundle-docurl https://github.com/google/gson/gson Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6, JavaSE-1.7, JavaSE-1.8 Low Vendor Manifest bundle-symbolicname com.google.gson Medium Vendor pom artifactid gson Low Vendor pom groupid com.google.code.gson Highest Vendor pom name Gson High Vendor pom parent-artifactid gson-parent Low Product file name gson High Product jar package name google Highest Product jar package name gson Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-contactaddress https://github.com/google/gson Low Product Manifest bundle-docurl https://github.com/google/gson/gson Low Product Manifest Bundle-Name Gson Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6, JavaSE-1.7, JavaSE-1.8 Low Product Manifest bundle-symbolicname com.google.gson Medium Product pom artifactid gson Highest Product pom groupid com.google.code.gson Highest Product pom name Gson High Product pom parent-artifactid gson-parent Medium Version file version 2.8.9 High Version Manifest Bundle-Version 2.8.9 High Version pom version 2.8.9 Highest
instaparse-1.5.0.jarDescription:
Instaparse: No grammar left behind License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/instaparse/instaparse/1.5.0/instaparse-1.5.0.jar
MD5: b858977bcb62c8913768cfb0fb01a4c9
SHA1: edc617bd20362b2fc870df88f1687426a69fe007
SHA256: c2bcd6f3a74d1a114973e6ac71e3536f6b035f29f769e9d1ec528ffe5e56cc27
Evidence Type Source Name Value Confidence Vendor file name instaparse High Vendor Manifest leiningen-project-artifactid instaparse Low Vendor Manifest leiningen-project-groupid instaparse Low Vendor pom artifactid instaparse Low Vendor pom groupid instaparse Highest Vendor pom name instaparse High Vendor pom url Engelberg/instaparse Highest Product file name instaparse High Product Manifest leiningen-project-artifactid instaparse Low Product Manifest leiningen-project-groupid instaparse Low Product pom artifactid instaparse Highest Product pom groupid instaparse Highest Product pom name instaparse High Product pom url Engelberg/instaparse High Version file version 1.5.0 High Version Manifest leiningen-project-version 1.5.0 Medium Version pom version 1.5.0 Highest
java-spdx-library-2.0.0.jarDescription:
Java library which implements the Java object model for SPDX and provides useful helper functions. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/spdx/java-spdx-library/2.0.0/java-spdx-library-2.0.0.jar
MD5: 7fd3cffb9bada9f7db62a5ad851eef45
SHA1: 4d099087814c4d9806689cdfca0de6a58cb22a88
SHA256: 0186ddd72174fc6846a27f679392de6ed7fcc35598eb638cc7cf4d7eef604462
Evidence Type Source Name Value Confidence Vendor file name java-spdx-library High Vendor jar package name library Highest Vendor jar package name spdx Highest Vendor Manifest automatic-module-name org.spdx.library Medium Vendor Manifest build-jdk-spec 23 Low Vendor pom artifactid java-spdx-library Low Vendor pom developer email gary@sourceauditor.com Low Vendor pom developer id goneall Medium Vendor pom developer name Gary O'Neall Medium Vendor pom developer org SPDX Medium Vendor pom developer org URL http://spdx.org Medium Vendor pom groupid org.spdx Highest Vendor pom name java-spdx-library High Vendor pom organization name SPDX High Vendor pom organization url http://spdx.org Medium Vendor pom url spdx/Spdx-Java-Library Highest Product file name java-spdx-library High Product jar package name library Highest Product jar package name spdx Highest Product Manifest automatic-module-name org.spdx.library Medium Product Manifest build-jdk-spec 23 Low Product pom artifactid java-spdx-library Highest Product pom developer email gary@sourceauditor.com Low Product pom developer id goneall Low Product pom developer name Gary O'Neall Low Product pom developer org SPDX Low Product pom developer org URL http://spdx.org Low Product pom groupid org.spdx Highest Product pom name java-spdx-library High Product pom organization name SPDX Low Product pom organization url http://spdx.org Low Product pom url spdx/Spdx-Java-Library High Version file version 2.0.0 High Version pom version 2.0.0 Highest
jsoup-1.15.3.jarDescription:
jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers do. License:
The MIT License: https://jsoup.org/license File Path: /home/runner/.m2/repository/org/jsoup/jsoup/1.15.3/jsoup-1.15.3.jar
MD5: 4f16c3b17b8c1b0173b1ed9f99f2c27c
SHA1: f6e1d8a8819f854b681c8eaa57fd59a42329e10c
SHA256: e20a5e78b1372f2a4e620832db4442d5077e5cbde280b24c666a3770844999bc
Evidence Type Source Name Value Confidence Vendor file name jsoup High Vendor jar package name jsoup Highest Vendor jar package name parser Highest Vendor Manifest automatic-module-name org.jsoup Medium Vendor Manifest build-jdk-spec 18 Low Vendor Manifest bundle-docurl https://jsoup.org/ Low Vendor Manifest bundle-symbolicname org.jsoup Medium Vendor Manifest Implementation-Vendor Jonathan Hedley High Vendor pom artifactid jsoup Low Vendor pom developer email jonathan@hedley.net Low Vendor pom developer id jhy Medium Vendor pom developer name Jonathan Hedley Medium Vendor pom groupid org.jsoup Highest Vendor pom name jsoup Java HTML Parser High Vendor pom organization name Jonathan Hedley High Vendor pom organization url https://jhy.io/ Medium Vendor pom url https://jsoup.org/ Highest Product file name jsoup High Product jar package name jsoup Highest Product jar package name parser Highest Product Manifest automatic-module-name org.jsoup Medium Product Manifest build-jdk-spec 18 Low Product Manifest bundle-docurl https://jsoup.org/ Low Product Manifest Bundle-Name jsoup Java HTML Parser Medium Product Manifest bundle-symbolicname org.jsoup Medium Product Manifest Implementation-Title jsoup Java HTML Parser High Product pom artifactid jsoup Highest Product pom developer email jonathan@hedley.net Low Product pom developer id jhy Low Product pom developer name Jonathan Hedley Low Product pom groupid org.jsoup Highest Product pom name jsoup Java HTML Parser High Product pom organization name Jonathan Hedley Low Product pom organization url https://jhy.io/ Low Product pom url https://jsoup.org/ Medium Version file version 1.15.3 High Version Manifest Bundle-Version 1.15.3 High Version Manifest Implementation-Version 1.15.3 High Version pom version 1.15.3 Highest
jsr305-3.0.2.jarDescription:
JSR305 Annotations for Findbugs License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256: 766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Evidence Type Source Name Value Confidence Vendor file name jsr305 High Vendor Manifest bundle-symbolicname org.jsr-305 Medium Vendor pom artifactid jsr305 Low Vendor pom groupid com.google.code.findbugs Highest Vendor pom name FindBugs-jsr305 High Vendor pom url http://findbugs.sourceforge.net/ Highest Product file name jsr305 High Product Manifest Bundle-Name FindBugs-jsr305 Medium Product Manifest bundle-symbolicname org.jsr-305 Medium Product pom artifactid jsr305 Highest Product pom groupid com.google.code.findbugs Highest Product pom name FindBugs-jsr305 High Product pom url http://findbugs.sourceforge.net/ Medium Version file version 3.0.2 High Version Manifest Bundle-Version 3.0.2 High Version pom version 3.0.2 Highest
rencg-1.0.64.jarDescription:
A micro-library for Clojure that provides first class support for named-capturing groups in regular expressions. License:
Apache-2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /home/runner/.m2/repository/com/github/pmonks/rencg/1.0.64/rencg-1.0.64.jar
MD5: 5fc6641890f0d3c73ae6d8fe32f30908
SHA1: 2420de94e551842b4d6e4749ce49dda9c0547b80
SHA256: 32ca868b506b8516b4c295838943b5ea9f30939ca3e9923d3b9a30fd16d94729
Evidence Type Source Name Value Confidence Vendor file name rencg High Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid rencg Low Vendor pom developer email pmonks+rencg@gmail.com Low Vendor pom developer id pmonks Medium Vendor pom developer name Peter Monks Medium Vendor pom groupid com.github.pmonks Highest Vendor pom name rencg High Vendor pom url pmonks/rencg Highest Product file name rencg High Product Manifest build-jdk-spec 21 Low Product pom artifactid rencg Highest Product pom developer email pmonks+rencg@gmail.com Low Product pom developer id pmonks Low Product pom developer name Peter Monks Low Product pom groupid com.github.pmonks Highest Product pom name rencg High Product pom url pmonks/rencg High Version file version 1.0.64 High Version pom version 1.0.64 Highest
slf4j-api-2.0.17.jarDescription:
The slf4j API License:
https://opensource.org/license/mit File Path: /home/runner/.m2/repository/org/slf4j/slf4j-api/2.0.17/slf4j-api-2.0.17.jar
MD5: b6480d114a23683498ac3f746f959d2f
SHA1: d9e58ac9c7779ba3bf8142aff6c830617a7fe60f
SHA256: 7b751d952061954d5abfed7181c1f645d336091b679891591d63329c622eb832
Evidence Type Source Name Value Confidence Vendor file name slf4j-api High Vendor jar package name slf4j Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://www.slf4j.org Low Vendor Manifest bundle-symbolicname slf4j.api Medium Vendor Manifest multi-release true Low Vendor pom artifactid slf4j-api Low Vendor pom groupid org.slf4j Highest Vendor pom name SLF4J API Module High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name slf4j-api High Product jar package name slf4j Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://www.slf4j.org Low Product Manifest Bundle-Name SLF4J API Module Medium Product Manifest bundle-symbolicname slf4j.api Medium Product Manifest Implementation-Title slf4j-api High Product Manifest multi-release true Low Product pom artifactid slf4j-api Highest Product pom groupid org.slf4j Highest Product pom name SLF4J API Module High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 2.0.17 High Version Manifest Bundle-Version 2.0.17 High Version Manifest Implementation-Version 2.0.17 High Version pom version 2.0.17 Highest
spdx-java-core-1.0.0.jarDescription:
Core libraries for SPDX License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/spdx/spdx-java-core/1.0.0/spdx-java-core-1.0.0.jar
MD5: ce02c67f029c12f2da5d19a592076213
SHA1: 7bf1850d8d0c205f483e7558a087f434e296cfd3
SHA256: b81c444457cb1e3d91833777330905a62be4e53a618e119fbd1236c67b00d417
Evidence Type Source Name Value Confidence Vendor file name spdx-java-core High Vendor jar package name core Highest Vendor jar package name spdx Highest Vendor Manifest automatic-module-name org.spdx.core Medium Vendor Manifest build-jdk-spec 23 Low Vendor pom artifactid spdx-java-core Low Vendor pom developer email gary@sourceauditor.com Low Vendor pom developer id goneall Medium Vendor pom developer name Gary O'Neall Medium Vendor pom developer org SPDX Medium Vendor pom developer org URL http://spdx.org Medium Vendor pom groupid org.spdx Highest Vendor pom name spdx-java-core High Vendor pom organization name SPDX High Vendor pom organization url http://spdx.org Medium Vendor pom url spdx/spdx-java-core Highest Product file name spdx-java-core High Product jar package name core Highest Product jar package name spdx Highest Product Manifest automatic-module-name org.spdx.core Medium Product Manifest build-jdk-spec 23 Low Product pom artifactid spdx-java-core Highest Product pom developer email gary@sourceauditor.com Low Product pom developer id goneall Low Product pom developer name Gary O'Neall Low Product pom developer org SPDX Low Product pom developer org URL http://spdx.org Low Product pom groupid org.spdx Highest Product pom name spdx-java-core High Product pom organization name SPDX Low Product pom organization url http://spdx.org Low Product pom url spdx/spdx-java-core High Version file version 1.0.0 High Version pom version 1.0.0 Highest
spdx-java-model-2_X-1.0.0.jarDescription:
SPDX model versions 2.0, 2.1, and 2.3 License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/spdx/spdx-java-model-2_X/1.0.0/spdx-java-model-2_X-1.0.0.jar
MD5: b3513ecc9b3e8c4ba639a03dcd915f69
SHA1: e9157d760e07087a5d155481ea2c0015294c6a88
SHA256: fdd300caeea585191173718506fd9cb4c6c98cf22f9166dcb6dbed140ad98823
Evidence Type Source Name Value Confidence Vendor file name spdx-java-model-2_X High Vendor jar package name model Highest Vendor jar package name spdx Highest Vendor jar package name v2 Highest Vendor Manifest automatic-module-name org.spdx.model.v2 Medium Vendor Manifest build-jdk-spec 23 Low Vendor pom artifactid spdx-java-model-2_X Low Vendor pom developer email gary@sourceauditor.com Low Vendor pom developer id goneall Medium Vendor pom developer name Gary O'Neall Medium Vendor pom developer org SPDX Medium Vendor pom developer org URL http://spdx.org Medium Vendor pom groupid org.spdx Highest Vendor pom name spdx-java-model-2_X High Vendor pom organization name SPDX High Vendor pom organization url http://spdx.org Medium Vendor pom url spdx/spdx-java-model-2_X Highest Product file name spdx-java-model-2_X High Product jar package name model Highest Product jar package name spdx Highest Product jar package name v2 Highest Product Manifest automatic-module-name org.spdx.model.v2 Medium Product Manifest build-jdk-spec 23 Low Product pom artifactid spdx-java-model-2_X Highest Product pom developer email gary@sourceauditor.com Low Product pom developer id goneall Low Product pom developer name Gary O'Neall Low Product pom developer org SPDX Low Product pom developer org URL http://spdx.org Low Product pom groupid org.spdx Highest Product pom name spdx-java-model-2_X High Product pom organization name SPDX Low Product pom organization url http://spdx.org Low Product pom url spdx/spdx-java-model-2_X High Version file version 1.0.0 High Version pom version 1.0.0 Highest
CVE-2006-0197 suppress
The XClientMessageEvent struct used in certain components of X.Org 6.8.2 and earlier, possibly including (1) the X server and (2) Xlib, uses a "long" specifier for elements of the l array, which results in inconsistent sizes in the struct on 32-bit versus 64-bit platforms, and might allow attackers to cause a denial of service (application crash) and possibly conduct other attacks. NVD-CWE-Other
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P References:
Vulnerable Software & Versions:
spdx-java-model-3_0-1.0.0.jarDescription:
Generated java model source code License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/spdx/spdx-java-model-3_0/1.0.0/spdx-java-model-3_0-1.0.0.jar
MD5: a65850df6808a6515b8aa2c7845bd12a
SHA1: 335274ce9df77bd3d5afb46c351f4f72bd8cd1a8
SHA256: ba0ec6c275e9b1437ce1240802536a44067ce0464b3b87646afafb42e514c2c4
Evidence Type Source Name Value Confidence Vendor file name spdx-java-model-3_0 High Vendor jar package name model Highest Vendor jar package name spdx Highest Vendor Manifest automatic-module-name org.spdx.model.v3 Medium Vendor Manifest build-jdk-spec 23 Low Vendor pom artifactid spdx-java-model-3_0 Low Vendor pom developer email gary@sourceauditor.com Low Vendor pom developer id goneall Medium Vendor pom developer name Gary O'Neall Medium Vendor pom developer org SPDX Medium Vendor pom developer org URL http://spdx.org Medium Vendor pom groupid org.spdx Highest Vendor pom name spdx-java-model-3 High Vendor pom organization name SPDX High Vendor pom organization url http://spdx.org Medium Vendor pom url spdx/spdx-java-model-3_0 Highest Product file name spdx-java-model-3_0 High Product jar package name model Highest Product jar package name spdx Highest Product Manifest automatic-module-name org.spdx.model.v3 Medium Product Manifest build-jdk-spec 23 Low Product pom artifactid spdx-java-model-3_0 Highest Product pom developer email gary@sourceauditor.com Low Product pom developer id goneall Low Product pom developer name Gary O'Neall Low Product pom developer org SPDX Low Product pom developer org URL http://spdx.org Low Product pom groupid org.spdx Highest Product pom name spdx-java-model-3 High Product pom organization name SPDX Low Product pom organization url http://spdx.org Low Product pom url spdx/spdx-java-model-3_0 High Version file version 1.0.0 High Version pom version 1.0.0 Highest
spec.alpha-0.5.238.jarDescription:
Specification of data and functions License:
Eclipse Public License 1.0: https://opensource.org/license/epl-1-0/ File Path: /home/runner/.m2/repository/org/clojure/spec.alpha/0.5.238/spec.alpha-0.5.238.jar
MD5: 9f5ea5239dc04d6a8115add1e4f5f23a
SHA1: 4eb5dea521c4e6e1f68c2c47517f14a922003e60
SHA256: 94cd99b6ea639641f37af4860a643b6ed399ee5a8be5d717cff0b663c8d75077
Evidence Type Source Name Value Confidence Vendor file name spec.alpha High Vendor jar package name alpha Highest Vendor jar package name clojure Highest Vendor jar package name clojure Low Vendor jar package name spec Highest Vendor jar package name spec Low Vendor pom artifactid spec.alpha Low Vendor pom developer id richhickey Medium Vendor pom developer name Rich Hickey Medium Vendor pom groupid org.clojure Highest Vendor pom name spec.alpha High Vendor pom parent-artifactid pom.contrib Low Product file name spec.alpha High Product jar package name alpha Highest Product jar package name clojure Highest Product jar package name spec Highest Product jar package name spec Low Product pom artifactid spec.alpha Highest Product pom developer id richhickey Low Product pom developer name Rich Hickey Low Product pom groupid org.clojure Highest Product pom name spec.alpha High Product pom parent-artifactid pom.contrib Medium Version file version 0.5.238 High Version pom parent-version 0.5.238 Low Version pom version 0.5.238 Highest
wreck-0.1.66.jarDescription:
A micro-library for Clojure(Script) that provides regular expression construction functions. License:
MPL-2.0: https://www.mozilla.org/en-US/MPL/2.0/ File Path: /home/runner/.m2/repository/com/github/pmonks/wreck/0.1.66/wreck-0.1.66.jar
MD5: 93609748b03e1b1e40114171c7f0d15a
SHA1: 1937426fbd5b90100be53dcbb631e5416f12c381
SHA256: d22413de6d58f4bbd6090f3857f69d42db82411789edc5f64bf18d1a2f266837
Evidence Type Source Name Value Confidence Vendor file name wreck High Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid wreck Low Vendor pom developer email pmonks+wreck@gmail.com Low Vendor pom developer id pmonks Medium Vendor pom developer name Peter Monks Medium Vendor pom groupid com.github.pmonks Highest Vendor pom name wreck High Vendor pom url pmonks/wreck Highest Product file name wreck High Product Manifest build-jdk-spec 21 Low Product pom artifactid wreck Highest Product pom developer email pmonks+wreck@gmail.com Low Product pom developer id pmonks Low Product pom developer name Peter Monks Low Product pom groupid com.github.pmonks Highest Product pom name wreck High Product pom url pmonks/wreck High Version file version 0.1.66 High Version pom version 0.1.66 Highest