Dependency-Check Report

Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

Scan Information (show all):

dependency-check version: 12.0.2
Report Generated On: Tue, 11 Feb 2025 02:57:32 GMT
Dependencies Scanned: 4 (4 unique)
Vulnerable Dependencies: 0
Vulnerabilities Found: 0
Vulnerabilities Suppressed: 0
...
NVD API Last Checked: 2025-02-11T02:57:23Z
NVD API Last Modified: 2025-02-11T02:15:37Z

Summary

Display: Showing Vulnerable Dependencies (click to show all)

Dependency	Vulnerability IDs	Package	Confidence	Evidence Count
clojure-1.12.0.jar	cpe:2.3:a:clojure:clojure:1.12.0:::::::*	pkg:maven/org.clojure/clojure@1.12.0	Highest	22
core.specs.alpha-0.4.74.jar	cpe:2.3:a:alex_project:alex:0.4.74:::::::*	pkg:maven/org.clojure/core.specs.alpha@0.4.74	Low	17
spec.alpha-0.5.238.jar		pkg:maven/org.clojure/spec.alpha@0.5.238		26
tools.logging-1.3.0.jar	cpe:2.3:a:alex_project:alex:1.3.0:::::::*	pkg:maven/org.clojure/tools.logging@1.3.0	Low	15

Dependencies (vulnerable)

clojure-1.12.0.jar

Description:

Clojure core environment and runtime library.

License:

Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php

File Path: /home/runner/.m2/repository/org/clojure/clojure/1.12.0/clojure-1.12.0.jar
MD5: 674322e2210fcd1a807b3526f74c9242
SHA1: 8e0b7e60ea3c8f1ef4273d695b27a6cb85000571
SHA256:c45333006441a059ea9fdb1341fc6c1f40b921a10dccd82665311e48a0384763

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	clojure	High
Vendor	jar	package name	clojure	Highest
Vendor	jar	package name	core	Highest
Vendor	Manifest	build-jdk-spec	1.8	Low
Vendor	pom	artifactid	clojure	Low
Vendor	pom	developer email	richhickey@gmail.com	Low
Vendor	pom	developer name	Rich Hickey	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	clojure	High
Vendor	pom	url	http://clojure.org/	Highest
Product	file	name	clojure	High
Product	jar	package name	clojure	Highest
Product	jar	package name	core	Highest
Product	Manifest	build-jdk-spec	1.8	Low
Product	pom	artifactid	clojure	Highest
Product	pom	developer email	richhickey@gmail.com	Low
Product	pom	developer name	Rich Hickey	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	clojure	High
Product	pom	url	http://clojure.org/	Medium
Version	file	version	1.12.0	High
Version	pom	version	1.12.0	Highest

Identifiers

pkg:maven/org.clojure/clojure@1.12.0 (Confidence:High)
cpe:2.3:a:clojure:clojure:1.12.0:*:*:*:*:*:*:* (Confidence:Highest)

core.specs.alpha-0.4.74.jar

Description:

Specs for clojure.core

License:

Eclipse Public License 1.0: https://opensource.org/license/epl-1-0/

File Path: /home/runner/.m2/repository/org/clojure/core.specs.alpha/0.4.74/core.specs.alpha-0.4.74.jar
MD5: ebd37b9a3c39e6b769fc1463737cb8d4
SHA1: d56a8d4c666ff8140e6d0a62d41263134be39254
SHA256:eb73ac08cf49ba840c88ba67beef11336ca554333d9408808d78946e0feb9ddb

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	core.specs.alpha	High
Vendor	pom	artifactid	core.specs.alpha	Low
Vendor	pom	developer id	puredanger	Medium
Vendor	pom	developer name	Alex Miller	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	core.specs.alpha	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Product	file	name	core.specs.alpha	High
Product	pom	artifactid	core.specs.alpha	Highest
Product	pom	developer id	puredanger	Low
Product	pom	developer name	Alex Miller	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	core.specs.alpha	High
Product	pom	parent-artifactid	pom.contrib	Medium
Version	file	version	0.4.74	High
Version	pom	parent-version	0.4.74	Low
Version	pom	version	0.4.74	Highest

Identifiers

pkg:maven/org.clojure/core.specs.alpha@0.4.74 (Confidence:High)
cpe:2.3:a:alex_project:alex:0.4.74:*:*:*:*:*:*:* (Confidence:Low)

spec.alpha-0.5.238.jar

Description:

Specification of data and functions

License:

Eclipse Public License 1.0: https://opensource.org/license/epl-1-0/

File Path: /home/runner/.m2/repository/org/clojure/spec.alpha/0.5.238/spec.alpha-0.5.238.jar
MD5: 9f5ea5239dc04d6a8115add1e4f5f23a
SHA1: 4eb5dea521c4e6e1f68c2c47517f14a922003e60
SHA256:94cd99b6ea639641f37af4860a643b6ed399ee5a8be5d717cff0b663c8d75077

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	spec.alpha	High
Vendor	jar	package name	alpha	Highest
Vendor	jar	package name	clojure	Highest
Vendor	jar	package name	clojure	Low
Vendor	jar	package name	spec	Highest
Vendor	jar	package name	spec	Low
Vendor	pom	artifactid	spec.alpha	Low
Vendor	pom	developer id	richhickey	Medium
Vendor	pom	developer name	Rich Hickey	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	spec.alpha	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Product	file	name	spec.alpha	High
Product	jar	package name	alpha	Highest
Product	jar	package name	clojure	Highest
Product	jar	package name	spec	Highest
Product	jar	package name	spec	Low
Product	pom	artifactid	spec.alpha	Highest
Product	pom	developer id	richhickey	Low
Product	pom	developer name	Rich Hickey	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	spec.alpha	High
Product	pom	parent-artifactid	pom.contrib	Medium
Version	file	version	0.5.238	High
Version	pom	parent-version	0.5.238	Low
Version	pom	version	0.5.238	Highest

Identifiers

pkg:maven/org.clojure/spec.alpha@0.5.238 (Confidence:High)

tools.logging-1.3.0.jar

File Path: /home/runner/.m2/repository/org/clojure/tools.logging/1.3.0/tools.logging-1.3.0.jar
MD5: b6b3c2ffeb27a25eab2d6e0e3a6e6b57
SHA1: 07d45477c1b61230b0d1fcf36afccc02155a4b32
SHA256:826969b78d9ada327de6b7da0f176457d95614fa38c280326610f31a6b515c91

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	tools.logging	High
Vendor	pom	artifactid	tools.logging	Low
Vendor	pom	developer name	Alex Taggart	Medium
Vendor	pom	groupid	org.clojure	Highest
Vendor	pom	name	tools.logging	High
Vendor	pom	parent-artifactid	pom.contrib	Low
Product	file	name	tools.logging	High
Product	pom	artifactid	tools.logging	Highest
Product	pom	developer name	Alex Taggart	Low
Product	pom	groupid	org.clojure	Highest
Product	pom	name	tools.logging	High
Product	pom	parent-artifactid	pom.contrib	Medium
Version	file	version	1.3.0	High
Version	pom	parent-version	1.3.0	Low
Version	pom	version	1.3.0	Highest

Identifiers

pkg:maven/org.clojure/tools.logging@1.3.0 (Confidence:High)
cpe:2.3:a:alex_project:alex:1.3.0:*:*:*:*:*:*:* (Confidence:Low)

How to read the report | Suppressing false positives | Getting Help: github issues

Sponsor

Project: com.github.pmonks/urlocal 1.0.67-SNAPSHOT

Summary

Dependencies (vulnerable)

clojure-1.12.0.jar

Evidence

Identifiers

core.specs.alpha-0.4.74.jar

Evidence

Identifiers

spec.alpha-0.5.238.jar

Evidence

Identifiers

tools.logging-1.3.0.jar

Evidence

Identifiers

How to read the report | Suppressing false positives | Getting Help: github issues Sponsor

Project: com.github.pmonks/urlocal 1.0.67-SNAPSHOT

Summary

Dependencies (vulnerable)

clojure-1.12.0.jar

Evidence

Identifiers

core.specs.alpha-0.4.74.jar

Evidence

Identifiers

spec.alpha-0.5.238.jar

Evidence

Identifiers

tools.logging-1.3.0.jar

Evidence

Identifiers

How to read the report | Suppressing false positives | Getting Help: github issues

Sponsor