Press CTR-C to copy XML [help]

Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

Project: Java API Sniffer Maven Plugin

Scan Information (show all):

Display: Showing Vulnerable Dependencies (click to show all)

Dependency CPE GAV Highest Severity CVE Count CPE Confidence Evidence Count
jsr305-3.0.0.jar com.google.code.findbugs:jsr305:3.0.0   0 8
google-collect-snapshot-20080530.jar com.google.code.google-collections:google-collect:snapshot-20080530   0 10
commons-logging-api-1.1.jar commons-logging:commons-logging-api:1.1   0 16
junit-4.10.jar junit:junit:4.10   0 10
log4j-1.2.12.jar cpe:/a:apache:log4j:1.2.12 log4j:log4j:1.2.12   0 LOW 7
maven-artifact-3.0.jar org.apache.maven:maven-artifact:3.0   0 11
maven-compat-3.0-alpha-2.jar org.apache.maven:maven-compat:3.0-alpha-2   0 10
maven-model-3.0.jar org.apache.maven:maven-model:3.0   0 12
maven-plugin-api-3.0.jar org.apache.maven:maven-plugin-api:3.0   0 11
maven-project-builder-3.0-alpha-2.jar org.apache.maven:maven-project-builder:3.0-alpha-2   0 12
maven-project-3.0-alpha-2.jar org.apache.maven:maven-project:3.0-alpha-2   0 12
maven-plugin-annotations-3.4.jar org.apache.maven.plugin-tools:maven-plugin-annotations:3.4   0 11
wagon-provider-api-1.0-beta-4.jar org.apache.maven.wagon:wagon-provider-api:1.0-beta-4   0 11
xbean-reflect-3.4.jar org.apache.xbean:xbean-reflect:3.4   0 15
plexus-classworlds-2.2.3.jar org.codehaus.plexus:plexus-classworlds:2.2.3   0 12
plexus-component-annotations-1.5.4.jar org.codehaus.plexus:plexus-component-annotations:1.5.4   0 12
plexus-container-default-1.0-beta-3.0.5.jar org.codehaus.plexus:plexus-container-default:1.0-beta-3.0.5   0 11
plexus-interpolation-1.1.jar org.codehaus.plexus:plexus-interpolation:1.1   0 10
plexus-utils-1.5.6.jar   0 6
plexus-utils-1.5.6.jar/META-INF/maven/org.codehaus.plexus/plexus-interpolation/pom.xml org.codehaus.plexus:plexus-interpolation:1.0   0 5
plexus-utils-1.5.6.jar/META-INF/maven/org.codehaus.plexus/plexus-utils/pom.xml org.codehaus.plexus:plexus-utils:1.5.6   0 5
wstx-asl-3.2.6.jar org.codehaus.woodstox:wstx-asl:3.2.6   0 17
hamcrest-core-1.1.jar org.hamcrest:hamcrest-core:1.1   0 9
sisu-guice-2.1.7-noaop.jar   0 14
sisu-inject-bean-1.4.2.jar org.sonatype.sisu:sisu-inject-bean:1.4.2   0 17
sisu-inject-plexus-1.4.2.jar org.sonatype.sisu:sisu-inject-plexus:1.4.2   0 15
model-builder-1.3.jar org.sonatype.spice:model-builder:1.3   0 14
stax-api-1.0.1.jar stax:stax-api:1.0.1   0 10

Dependencies

jsr305-3.0.0.jar

Description: JSR305 Annotations for Findbugs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/google/code/findbugs/jsr305/3.0.0/jsr305-3.0.0.jar
MD5: 195d5db8981fbec5fa18d5df9fad95ed
SHA1: 5871fb60dc68d67da54a663c3fd636a10a532948
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: com.google.code.findbugs:jsr305:3.0.0   Confidence:HIGH

google-collect-snapshot-20080530.jar

Description: Google Collections Library is a suite of new collections and collection-related goodness for Java 5.0

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/com/google/code/google-collections/google-collect/snapshot-20080530/google-collect-snapshot-20080530.jar
MD5: 5ed1ebdf132806f6b1cc0909ca3286fb
SHA1: a22f9b3a80ba9696ed120735f8b6c3c99d942bcc
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: com.google.code.google-collections:google-collect:snapshot-20080530   Confidence:HIGH

commons-logging-api-1.1.jar

Description: Commons Logging is a thin adapter allowing configurable bridging to other, well known logging systems.

License:

The Apache Software License, Version 2.0: /LICENSE.txt
File Path: /root/.m2/repository/commons-logging/commons-logging-api/1.1/commons-logging-api-1.1.jar
MD5: 4374238076ab08e60e0d296234480837
SHA1: 7d4cf5231d46c8524f9b9ed75bb2d1c69ab93322
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: commons-logging:commons-logging-api:1.1   Confidence:HIGH

junit-4.10.jar

Description:  JUnit is a regression testing framework written by Erich Gamma and Kent Beck. It is used by the developer who implements unit tests in Java.

License:

Common Public License Version 1.0: http://www.opensource.org/licenses/cpl1.0.txt
File Path: /root/.m2/repository/junit/junit/4.10/junit-4.10.jar
MD5: 68380001b88006ebe49be50cef5bb23a
SHA1: e4f1766ce7404a08f45d859fb9c226fc9e41a861
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: junit:junit:4.10   Confidence:HIGH

log4j-1.2.12.jar

File Path: /root/.m2/repository/log4j/log4j/1.2.12/log4j-1.2.12.jar
MD5: 223504f742addd3f631ed8bdf689f1c9
SHA1: 057b8740427ee6d7b0b60792751356cad17dc0d9
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • cpe: cpe:/a:apache:log4j:1.2.12   Confidence:LOW   
  • maven: log4j:log4j:1.2.12   Confidence:HIGH

maven-artifact-3.0.jar

File Path: /root/.m2/repository/org/apache/maven/maven-artifact/3.0/maven-artifact-3.0.jar
MD5: 43e506190356b85edccfdc7db1f630d8
SHA1: c29cfa43ce2ba09975a07c40d7241655d7c2fa29
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.apache.maven:maven-artifact:3.0   Confidence:HIGH

maven-compat-3.0-alpha-2.jar

File Path: /root/.m2/repository/org/apache/maven/maven-compat/3.0-alpha-2/maven-compat-3.0-alpha-2.jar
MD5: 045477ef8720301eea3a736c4c4b309e
SHA1: 52947856db23c0367961d1261c65ccc26e4a6959
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.apache.maven:maven-compat:3.0-alpha-2   Confidence:HIGH

maven-model-3.0.jar

Description: Maven Model

File Path: /root/.m2/repository/org/apache/maven/maven-model/3.0/maven-model-3.0.jar
MD5: 562636665b6ac87297513246c5bdccd2
SHA1: 24ce598c94a78341c42556fe9192dad6a2822405
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.apache.maven:maven-model:3.0   Confidence:HIGH

maven-plugin-api-3.0.jar

File Path: /root/.m2/repository/org/apache/maven/maven-plugin-api/3.0/maven-plugin-api-3.0.jar
MD5: 1d67a37a5822b12abc55e5133e47ca0e
SHA1: 98f886f59bb0e69f8e86cdc082e69f2f4c13d648
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.apache.maven:maven-plugin-api:3.0   Confidence:HIGH

maven-project-builder-3.0-alpha-2.jar

File Path: /root/.m2/repository/org/apache/maven/maven-project-builder/3.0-alpha-2/maven-project-builder-3.0-alpha-2.jar
MD5: 3f962398b452901b94a040c5cac772f6
SHA1: c0549120b6220b1c4af5a2859bc8196e1c8b6cc0
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.apache.maven:maven-project-builder:3.0-alpha-2   Confidence:HIGH

maven-project-3.0-alpha-2.jar

Description: This library is used to not only read Maven project object model files, but to assemble inheritence and to retrieve remote models as required.

File Path: /root/.m2/repository/org/apache/maven/maven-project/3.0-alpha-2/maven-project-3.0-alpha-2.jar
MD5: 2e5d64b450ea6cb9eb67e8e0f567c449
SHA1: fd7d64f9e8ec392132c716f07d35416051a7d09a
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.apache.maven:maven-project:3.0-alpha-2   Confidence:HIGH

maven-plugin-annotations-3.4.jar

Description: Java 5 annotations to use in Mojos

File Path: /root/.m2/repository/org/apache/maven/plugin-tools/maven-plugin-annotations/3.4/maven-plugin-annotations-3.4.jar
MD5: c35fde211323d4bb06d5b1a41ef23807
SHA1: 18624421fb35f5ade7397c18b40878396f672bc5
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.apache.maven.plugin-tools:maven-plugin-annotations:3.4   Confidence:HIGH

wagon-provider-api-1.0-beta-4.jar

Description: Maven Wagon API that defines the contract between different Wagon implementations

File Path: /root/.m2/repository/org/apache/maven/wagon/wagon-provider-api/1.0-beta-4/wagon-provider-api-1.0-beta-4.jar
MD5: 9460fbb29c0804dccc872d0415fed40f
SHA1: 0e726a2db8a0bfe690cf743c8daa32bbcba7faf7
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.apache.maven.wagon:wagon-provider-api:1.0-beta-4   Confidence:HIGH

xbean-reflect-3.4.jar

Description: XBean is a plugin based server architecture.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/apache/xbean/xbean-reflect/3.4/xbean-reflect-3.4.jar
MD5: e618633fb6eac298a9c13b98c59b10c7
SHA1: 26fd55dceb037f4789b399b22874d74f4d2db66f
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.apache.xbean:xbean-reflect:3.4   Confidence:HIGH

plexus-classworlds-2.2.3.jar

Description: A class loader framework

File Path: /root/.m2/repository/org/codehaus/plexus/plexus-classworlds/2.2.3/plexus-classworlds-2.2.3.jar
MD5: e6673b3089c11931211b77d24bbc4f8e
SHA1: 93b34d7a40ed56fe33274480c5792b656d3697a9
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.codehaus.plexus:plexus-classworlds:2.2.3   Confidence:HIGH

plexus-component-annotations-1.5.4.jar

Description:  Plexus Component "Java 5" Annotations, to describe plexus components properties in java sources with standard annotations instead of javadoc annotations.

File Path: /root/.m2/repository/org/codehaus/plexus/plexus-component-annotations/1.5.4/plexus-component-annotations-1.5.4.jar
MD5: 68e64b94a9d09d0a41745df03d1f31f8
SHA1: 21f22fdd8e8494f2d7585088ed63497d05e54333
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.codehaus.plexus:plexus-component-annotations:1.5.4   Confidence:HIGH

plexus-container-default-1.0-beta-3.0.5.jar

File Path: /root/.m2/repository/org/codehaus/plexus/plexus-container-default/1.0-beta-3.0.5/plexus-container-default-1.0-beta-3.0.5.jar
MD5: 190ee08f4bfd2790ddb84a20aeb23666
SHA1: d0a29aff95de49312939f4ba769aa2330e4e65c5
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.codehaus.plexus:plexus-container-default:1.0-beta-3.0.5   Confidence:HIGH

plexus-interpolation-1.1.jar

File Path: /root/.m2/repository/org/codehaus/plexus/plexus-interpolation/1.1/plexus-interpolation-1.1.jar
MD5: 275af5282ff8848ec6f227b595c72ce3
SHA1: 66a644c26e8a1cd2945981422c33ba247226a2ef
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.codehaus.plexus:plexus-interpolation:1.1   Confidence:HIGH

plexus-utils-1.5.6.jar

File Path: /root/.m2/repository/org/codehaus/plexus/plexus-utils/1.5.6/plexus-utils-1.5.6.jar
MD5: d6070c2e77ca56adafa953215ddf744b
SHA1: 8fb6b798a4036048b3005e058553bf21a87802ed
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • None

plexus-utils-1.5.6.jar/META-INF/maven/org.codehaus.plexus/plexus-interpolation/pom.xml

File Path: /root/.m2/repository/org/codehaus/plexus/plexus-utils/1.5.6/plexus-utils-1.5.6.jar/META-INF/maven/org.codehaus.plexus/plexus-interpolation/pom.xml
MD5: 61795135733295c9aa438fda7b923db8
SHA1: 1074eabfbcbfb0decfe6f9ed0541668e114b9311

Identifiers

  • maven: org.codehaus.plexus:plexus-interpolation:1.0   Confidence:HIGH

plexus-utils-1.5.6.jar/META-INF/maven/org.codehaus.plexus/plexus-utils/pom.xml

File Path: /root/.m2/repository/org/codehaus/plexus/plexus-utils/1.5.6/plexus-utils-1.5.6.jar/META-INF/maven/org.codehaus.plexus/plexus-utils/pom.xml
MD5: 96c171848d16aa68d50e92e30e17a965
SHA1: ade360a589d7bc6e996fe879b72b5d7b3adfd6ab

Identifiers

  • maven: org.codehaus.plexus:plexus-utils:1.5.6   Confidence:HIGH

wstx-asl-3.2.6.jar

Description: Woodstox is a high-performance XML processor that implements Stax (JSR-173) API

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/codehaus/woodstox/wstx-asl/3.2.6/wstx-asl-3.2.6.jar
MD5: f3794a87dfe108a4cb4e1599f4937842
SHA1: 4a9245455960a63d8a92f58810db80ac5368f91c
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.codehaus.woodstox:wstx-asl:3.2.6   Confidence:HIGH

hamcrest-core-1.1.jar

File Path: /root/.m2/repository/org/hamcrest/hamcrest-core/1.1/hamcrest-core-1.1.jar
MD5: b66d0c48e1f1dc54d4227db52512c15b
SHA1: 860340562250678d1a344907ac75754e259cdb14
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.hamcrest:hamcrest-core:1.1   Confidence:HIGH

sisu-guice-2.1.7-noaop.jar

Description: Guice is a lightweight dependency injection framework for Java 5 and above

License:

http://www.apache.org/licenses/LICENSE-2.0
File Path: /root/.m2/repository/org/sonatype/sisu/sisu-guice/2.1.7/sisu-guice-2.1.7-noaop.jar
MD5: f1d341b68fc25c53321eb00cf87b82b0
SHA1: 8cb56e976b8e0e7b23f2969c32bef7b830c6d6ed
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • None

sisu-inject-bean-1.4.2.jar

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/sonatype/sisu/sisu-inject-bean/1.4.2/sisu-inject-bean-1.4.2.jar
MD5: 400f9ca3cb77d34f159127769cb89e92
SHA1: 5cf37202afbaae899d63dd51b46d173df650af1b
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.sonatype.sisu:sisu-inject-bean:1.4.2   Confidence:HIGH

sisu-inject-plexus-1.4.2.jar

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/org/sonatype/sisu/sisu-inject-plexus/1.4.2/sisu-inject-plexus-1.4.2.jar
MD5: 9c1bfd74a76af0757b348554d9a1facc
SHA1: 53d863ed4879d4a43ad7aee7bc63f935cc513353
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.sonatype.sisu:sisu-inject-plexus:1.4.2   Confidence:HIGH

model-builder-1.3.jar

File Path: /root/.m2/repository/org/sonatype/spice/model-builder/1.3/model-builder-1.3.jar
MD5: c054d2fa25d462f85dc202317a114224
SHA1: 37534174c8e7332d2fda4012521ecece84ec4149
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: org.sonatype.spice:model-builder:1.3   Confidence:HIGH

stax-api-1.0.1.jar

Description: StAX API is the standard java XML processing API defined by JSR-173

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /root/.m2/repository/stax/stax-api/1.0.1/stax-api-1.0.1.jar
MD5: 7d436a53c64490bee564c576babb36b4
SHA1: 49c100caf72d658aca8e58bd74a4ba90fa2b0d70
Referenced In Project: Java API Sniffer Maven Plugin

Identifiers

  • maven: stax:stax-api:1.0.1   Confidence:HIGH


This report contains data retrieved from the National Vulnerability Database.