Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 12.2.0Report Generated On : Mon, 19 Jan 2026 20:56:31 GMTDependencies Scanned : 31 (20 unique)Vulnerable Dependencies : 0 Vulnerabilities Found : 0Vulnerabilities Suppressed : 0
...
NVD API Last Checked : 2026-01-19T20:29:50ZNVD API Last Modified : 2026-01-19T20:15:49Z
Summary
Summary of Vulnerable Dependencies (click to show all)
Description:
The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains the JCA/JCE provider and low-level API for the BC Java version 1.82 for Java 1.8 and later.
License:
Bouncy Castle Licence: https://www.bouncycastle.org/licence.html
File Path: /home/runner/.m2/repository/org/bouncycastle/bcprov-jdk18on/1.82/bcprov-jdk18on-1.82.jar
MD5: 73520ba13118979db17136db32a8c401
SHA1: e1118397395d21909a1b7b15120d0c2a68d7fd0c
SHA256: 14cde2fdfaa8890480a8e5b67aceef0c90f96682c1e23c133bafdc9e0b3255ce
Referenced In Project/Scope: waffle-shiro-jakarta:provided
bcprov-jdk18on-1.82.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.shiro/shiro-web@2.0.6
Evidence
Type Source Name Value Confidence Vendor file name bcprov-jdk18on High Vendor jar package name bc Highest Vendor jar package name bouncycastle Highest Vendor jar package name crypto Highest Vendor jar package name jce Highest Vendor jar package name org Highest Vendor jar package name provider Highest Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-symbolicname bcprov Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest multi-release true Low Vendor Manifest permissions all-permissions Low Vendor Manifest trusted-library true Low Vendor pom artifactid bcprov-jdk18on Highest Vendor pom artifactid bcprov-jdk18on Low Vendor pom developer email feedback-crypto@bouncycastle.org Low Vendor pom developer id feedback-crypto Medium Vendor pom developer name The Legion of the Bouncy Castle Inc. Medium Vendor pom groupid org.bouncycastle Highest Vendor pom name Bouncy Castle Provider High Vendor pom url https://www.bouncycastle.org/download/bouncy-castle-java/ Highest Product file name bcprov-jdk18on High Product jar package name bc Highest Product jar package name bouncycastle Highest Product jar package name crypto Highest Product jar package name jce Highest Product jar package name org Highest Product jar package name provider Highest Product Manifest application-library-allowable-codebase * Low Product Manifest Bundle-Name bcprov Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product Manifest bundle-symbolicname bcprov Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest multi-release true Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Product pom artifactid bcprov-jdk18on Highest Product pom developer email feedback-crypto@bouncycastle.org Low Product pom developer id feedback-crypto Low Product pom developer name The Legion of the Bouncy Castle Inc. Low Product pom groupid org.bouncycastle Highest Product pom name Bouncy Castle Provider High Product pom url https://www.bouncycastle.org/download/bouncy-castle-java/ Medium Version file version 1.82 High Version Manifest Bundle-Version 1.82 High Version pom version 1.82 Highest
Description:
A high performance caching library
License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/github/ben-manes/caffeine/caffeine/3.2.3/caffeine-3.2.3.jar
MD5: 0258f45d43968523cc11beeb01b240f2
SHA1: c097f0f6d21a0e6db88ea55836e26419b30dfe19
SHA256: ca70c90a5d1ce1511880ce9c93d4ad22108f61111d3daf91eb52762b571bd179
Referenced In Project/Scope: waffle-shiro-jakarta:compile
caffeine-3.2.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-jna-jakarta@3.6.0-SNAPSHOT
Evidence
Type Source Name Value Confidence Vendor file name caffeine High Vendor jar package name cache Highest Vendor jar package name caffeine Highest Vendor jar package name github Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-symbolicname com.github.ben-manes.caffeine Medium Vendor pom artifactid caffeine Highest Vendor pom artifactid caffeine Low Vendor pom developer email ben.manes@gmail.com Low Vendor pom developer id ben-manes Medium Vendor pom developer name Ben Manes Medium Vendor pom groupid com.github.ben-manes.caffeine Highest Vendor pom name Caffeine cache High Vendor pom url ben-manes/caffeine Highest Product file name caffeine High Product jar package name cache Highest Product jar package name caffeine Highest Product jar package name github Highest Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name com.github.ben-manes.caffeine Medium Product Manifest bundle-symbolicname com.github.ben-manes.caffeine Medium Product Manifest Implementation-Title A high performance caching library High Product pom artifactid caffeine Highest Product pom developer email ben.manes@gmail.com Low Product pom developer id ben-manes Low Product pom developer name Ben Manes Low Product pom groupid com.github.ben-manes.caffeine Highest Product pom name Caffeine cache High Product pom url ben-manes/caffeine High Version file version 3.2.3 High Version Manifest Bundle-Version 3.2.3 High Version Manifest Implementation-Version 3.2.3 High Version pom version 3.2.3 Highest
pkg:maven/com.github.ben-manes.caffeine/caffeine@3.2.3
(Confidence :High)
Description:
checker-qual contains annotations (type qualifiers) that a programmerwrites to specify Java code for type-checking by the Checker Framework.
License:
The MIT License: http://opensource.org/licenses/MIT
File Path: /home/runner/.m2/repository/org/checkerframework/checker-qual/3.53.0/checker-qual-3.53.0.jar
MD5: d1ee2a3366a19a8fff01208da2adb48e
SHA1: af1105964a03d7ed8aaf8ea2cb6ec0da7ec6c7a6
SHA256: 7ca002815d92fad79e966b375c2ee7b2b4bf953024bc9a5d5e0c59df13ff5af8
Referenced In Project/Scope: waffle-shiro-jakarta:compile
checker-qual-3.53.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-jna-jakarta@3.6.0-SNAPSHOT
Evidence
Type Source Name Value Confidence Vendor file name checker-qual High Vendor jar package name checker Highest Vendor jar package name checkerframework Highest Vendor jar package name framework Highest Vendor jar package name qual Highest Vendor Manifest bundle-symbolicname checker-qual Medium Vendor Manifest implementation-url https://checkerframework.org Low Vendor pom artifactid checker-qual Highest Vendor pom artifactid checker-qual Low Vendor pom developer email mernst@cs.washington.edu Low Vendor pom developer email smillst@cs.washington.edu Low Vendor pom developer id mernst Medium Vendor pom developer id smillst Medium Vendor pom developer name Michael Ernst Medium Vendor pom developer name Suzanne Millstein Medium Vendor pom developer org University of Washington Medium Vendor pom developer org URL https://www.cs.washington.edu/ Medium Vendor pom groupid org.checkerframework Highest Vendor pom name Checker Qual High Vendor pom url https://checkerframework.org/ Highest Product file name checker-qual High Product jar package name checker Highest Product jar package name checkerframework Highest Product jar package name framework Highest Product jar package name qual Highest Product Manifest Bundle-Name checker-qual Medium Product Manifest bundle-symbolicname checker-qual Medium Product Manifest implementation-url https://checkerframework.org Low Product pom artifactid checker-qual Highest Product pom developer email mernst@cs.washington.edu Low Product pom developer email smillst@cs.washington.edu Low Product pom developer id mernst Low Product pom developer id smillst Low Product pom developer name Michael Ernst Low Product pom developer name Suzanne Millstein Low Product pom developer org University of Washington Low Product pom developer org URL https://www.cs.washington.edu/ Low Product pom groupid org.checkerframework Highest Product pom name Checker Qual High Product pom url https://checkerframework.org/ Medium Version file version 3.53.0 High Version Manifest Bundle-Version 3.53.0 High Version Manifest Implementation-Version 3.53.0 High Version pom version 3.53.0 Highest
pkg:maven/org.checkerframework/checker-qual@3.53.0
(Confidence :High)
Description:
WAFFLE JNA Jakarta Pakage implementation
License:
MIT https://raw.github.com/Waffle/waffle/master/LICENSE
File Path: /home/runner/work/waffle/waffle/Source/JNA/waffle-jna-jakarta/pom.xml
Referenced In Project/Scope: waffle-shiro-jakarta
com.github.waffle:waffle-jna-jakarta:3.6.0-SNAPSHOT is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-shiro-jakarta@3.6.0-SNAPSHOT
Evidence
Type Source Name Value Confidence Vendor file name pom High Vendor project artifactid waffle-jna-jakarta Low Vendor project groupid com.github.waffle Highest Product file name pom High Product project artifactid waffle-jna-jakarta Highest Product project groupid com.github.waffle Low
pkg:maven/com.github.waffle/waffle-jna-jakarta@3.6.0-SNAPSHOT
(Confidence :Highest)
Description:
Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-beanutils/commons-beanutils/1.11.0/commons-beanutils-1.11.0.jar
MD5: 32ed51f196dfda19e0dc1ce53eeed29e
SHA1: ac03ea606d13de04c2e4508227680faff151f491
SHA256: 9e44ba68ec9a3f21286fa2a8bbb003b735c0f69101bb43144b79f4f8aaa74709
Referenced In Project/Scope: waffle-shiro-jakarta:provided
commons-beanutils-1.11.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-shiro-jakarta@3.6.0-SNAPSHOT
Evidence
Type Source Name Value Confidence Vendor file name commons-beanutils High Vendor jar package name apache Highest Vendor jar package name beanutils Highest Vendor jar package name commons Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-beanutils Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-beanutils Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-beanutils Highest Vendor pom artifactid commons-beanutils Low Vendor pom developer email britter@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dion@apache.org Low Vendor pom developer email epugh@apache.org Low Vendor pom developer email geirm@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email jcarman@apache.org Low Vendor pom developer email jconlon@apache.org Low Vendor pom developer email jstrachan@apache.org Low Vendor pom developer email morgand@apache.org Low Vendor pom developer email mvdb@apache.org Low Vendor pom developer email niallp@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer email scolebourne@apache.org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email stain@apache.org Low Vendor pom developer email tobrien@apache.org Low Vendor pom developer email yoavs@apache.org Low Vendor pom developer id britter Medium Vendor pom developer id chtompki Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dion Medium Vendor pom developer id epugh Medium Vendor pom developer id geirm Medium Vendor pom developer id ggregory Medium Vendor pom developer id jcarman Medium Vendor pom developer id jconlon Medium Vendor pom developer id jstrachan Medium Vendor pom developer id morgand Medium Vendor pom developer id mvdb Medium Vendor pom developer id niallp Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id scolebourne Medium Vendor pom developer id skitching Medium Vendor pom developer id stain Medium Vendor pom developer id tobrien Medium Vendor pom developer id yoavs Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name David Eric Pugh Medium Vendor pom developer name Dion Gillard Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Geir Magnusson Jr. Medium Vendor pom developer name James Carman Medium Vendor pom developer name James Strachan Medium Vendor pom developer name John E. Conlon Medium Vendor pom developer name Martin van den Bemt Medium Vendor pom developer name Morgan James Delagrange Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer name Stian Soiland-Reyes Medium Vendor pom developer name Tim O'Brien Medium Vendor pom developer name Yoav Shapira Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-beanutils Highest Vendor pom name Apache Commons BeanUtils High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-beanutils Highest Product file name commons-beanutils High Product jar package name apache Highest Product jar package name beanutils Highest Product jar package name commons Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-beanutils Low Product Manifest Bundle-Name Apache Commons BeanUtils Medium Product Manifest bundle-symbolicname org.apache.commons.commons-beanutils Medium Product Manifest Implementation-Title Apache Commons BeanUtils High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons BeanUtils Medium Product pom artifactid commons-beanutils Highest Product pom developer email britter@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email craigmcc@apache.org Low Product pom developer email dion@apache.org Low Product pom developer email epugh@apache.org Low Product pom developer email geirm@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email jcarman@apache.org Low Product pom developer email jconlon@apache.org Low Product pom developer email jstrachan@apache.org Low Product pom developer email morgand@apache.org Low Product pom developer email mvdb@apache.org Low Product pom developer email niallp@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer email scolebourne@apache.org Low Product pom developer email skitching@apache.org Low Product pom developer email stain@apache.org Low Product pom developer email tobrien@apache.org Low Product pom developer email yoavs@apache.org Low Product pom developer id britter Low Product pom developer id chtompki Low Product pom developer id craigmcc Low Product pom developer id dion Low Product pom developer id epugh Low Product pom developer id geirm Low Product pom developer id ggregory Low Product pom developer id jcarman Low Product pom developer id jconlon Low Product pom developer id jstrachan Low Product pom developer id morgand Low Product pom developer id mvdb Low Product pom developer id niallp Low Product pom developer id rdonkin Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id scolebourne Low Product pom developer id skitching Low Product pom developer id stain Low Product pom developer id tobrien Low Product pom developer id yoavs Low Product pom developer name Benedikt Ritter Low Product pom developer name Craig McClanahan Low Product pom developer name David Eric Pugh Low Product pom developer name Dion Gillard Low Product pom developer name Gary Gregory Low Product pom developer name Geir Magnusson Jr. Low Product pom developer name James Carman Low Product pom developer name James Strachan Low Product pom developer name John E. Conlon Low Product pom developer name Martin van den Bemt Low Product pom developer name Morgan James Delagrange Low Product pom developer name Niall Pemberton Low Product pom developer name Rob Tompkins Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Stephen Colebourne Low Product pom developer name Stian Soiland-Reyes Low Product pom developer name Tim O'Brien Low Product pom developer name Yoav Shapira Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-beanutils Highest Product pom name Apache Commons BeanUtils High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-beanutils Medium Version file version 1.11.0 High Version Manifest Bundle-Version 1.11.0 High Version Manifest Implementation-Version 1.11.0 High Version pom parent-version 1.11.0 Low Version pom version 1.11.0 Highest
Description:
Apache Commons Logging is a thin adapter allowing configurable bridging to other,
well-known logging systems.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-logging/commons-logging/1.3.5/commons-logging-1.3.5.jar
MD5: 9ca067b073153c86c2da350c0f2cdf70
SHA1: a3fcc5d3c29b2b03433aa2d2f2d2c1b1638924a1
SHA256: 6d7a744e4027649fbb50895df9497d109f98c766a637062fe8d2eabbb3140ba4
Referenced In Project/Scope: waffle-shiro-jakarta:provided
commons-logging-1.3.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/commons-beanutils/commons-beanutils@1.11.0
Evidence
Type Source Name Value Confidence Vendor file name commons-logging High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name logging Highest Vendor Manifest automatic-module-name org.apache.commons.logging Medium Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-logging/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-logging Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-logging Highest Vendor pom artifactid commons-logging Low Vendor pom developer email baliuka@apache.org Low Vendor pom developer email costin@apache.org Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dennisl@apache.org Low Vendor pom developer email donaldp@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email morgand@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email rsitze@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email tn@apache.org Low Vendor pom developer id baliuka Medium Vendor pom developer id bstansberry Medium Vendor pom developer id costin Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dennisl Medium Vendor pom developer id donaldp Medium Vendor pom developer id ggregory Medium Vendor pom developer id morgand Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rsitze Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id skitching Medium Vendor pom developer id tn Medium Vendor pom developer name Brian Stansberry Medium Vendor pom developer name Costin Manolache Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Dennis Lundberg Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Juozas Baliuka Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Peter Donald Medium Vendor pom developer name Richard Sitze Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer org Apache Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-logging Highest Vendor pom name Apache Commons Logging High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-logging/ Highest Product file name commons-logging High Product jar package name apache Highest Product jar package name commons Highest Product jar package name logging Highest Product Manifest automatic-module-name org.apache.commons.logging Medium Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-logging/ Low Product Manifest Bundle-Name Apache Commons Logging Medium Product Manifest bundle-symbolicname org.apache.commons.commons-logging Medium Product Manifest Implementation-Title Apache Commons Logging High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons Logging Medium Product pom artifactid commons-logging Highest Product pom developer email baliuka@apache.org Low Product pom developer email costin@apache.org Low Product pom developer email craigmcc@apache.org Low Product pom developer email dennisl@apache.org Low Product pom developer email donaldp@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email morgand@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email rsitze@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer email skitching@apache.org Low Product pom developer email tn@apache.org Low Product pom developer id baliuka Low Product pom developer id bstansberry Low Product pom developer id costin Low Product pom developer id craigmcc Low Product pom developer id dennisl Low Product pom developer id donaldp Low Product pom developer id ggregory Low Product pom developer id morgand Low Product pom developer id rdonkin Low Product pom developer id rsitze Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id skitching Low Product pom developer id tn Low Product pom developer name Brian Stansberry Low Product pom developer name Costin Manolache Low Product pom developer name Craig McClanahan Low Product pom developer name Dennis Lundberg Low Product pom developer name Gary Gregory Low Product pom developer name Juozas Baliuka Low Product pom developer name Morgan Delagrange Low Product pom developer name Peter Donald Low Product pom developer name Richard Sitze Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Thomas Neidhart Low Product pom developer org Apache Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-logging Highest Product pom name Apache Commons Logging High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-logging/ Medium Version file version 1.3.5 High Version Manifest Bundle-Version 1.3.5 High Version Manifest Implementation-Version 1.3.5 High Version pom parent-version 1.3.5 Low Version pom version 1.3.5 Highest
pkg:maven/commons-logging/commons-logging@1.3.5
(Confidence :High)
Description:
The OWASP Encoders package is a collection of high-performance low-overhead
contextual encoders, that when utilized correctly, is an effective tool in
preventing Web Application security vulnerabilities such as Cross-Site
Scripting.
License:
http://www.opensource.org/licenses/BSD-3-Clause File Path: /home/runner/.m2/repository/org/owasp/encoder/encoder/1.3.1/encoder-1.3.1.jar
MD5: c826f7776c4d03adcbf1a2bceef84627
SHA1: 1ebf20e19ddc3fa952f4e2af220a20b085ce87ba
SHA256: c9c56c8970c7cb11b231913ba5190ce930f8fd4fac2bd918810642dc3848e757
Referenced In Project/Scope: waffle-shiro-jakarta:provided
encoder-1.3.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.shiro/shiro-web@2.0.6
Evidence
Type Source Name Value Confidence Vendor file name encoder High Vendor jar package name encoder Highest Vendor jar package name encoders Highest Vendor jar package name owasp Highest Vendor Manifest automatic-module-name org.owasp.encoder Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-docurl https://www.owasp.org/ Low Vendor Manifest bundle-symbolicname org.owasp.encoder Medium Vendor Manifest multi-release true Low Vendor pom artifactid encoder Highest Vendor pom artifactid encoder Low Vendor pom groupid org.owasp.encoder Highest Vendor pom name Java Encoder High Vendor pom parent-artifactid encoder-parent Low Product file name encoder High Product jar package name encoder Highest Product jar package name encoders Highest Product jar package name owasp Highest Product Manifest automatic-module-name org.owasp.encoder Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-docurl https://www.owasp.org/ Low Product Manifest Bundle-Name Java Encoder Medium Product Manifest bundle-symbolicname org.owasp.encoder Medium Product Manifest multi-release true Low Product pom artifactid encoder Highest Product pom groupid org.owasp.encoder Highest Product pom name Java Encoder High Product pom parent-artifactid encoder-parent Medium Version file version 1.3.1 High Version Manifest Bundle-Version 1.3.1 High Version pom version 1.3.1 Highest
pkg:maven/org.owasp.encoder/encoder@1.3.1
(Confidence :High)
Description:
Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time.
License:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/errorprone/error_prone_annotations/2.46.0/error_prone_annotations-2.46.0.jar
MD5: d0dabea249c067d21d7eb997fbdf5c99
SHA1: 4ecb5d2392c38c46e6cb65e1bf60be708d97005d
SHA256: b67be81ff4b956401146e14eaf1526bc435a9480f2546e91eb45b796631a8a99
Referenced In Project/Scope: waffle-shiro-jakarta:provided
error_prone_annotations-2.46.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-shiro-jakarta@3.6.0-SNAPSHOT
Evidence
Type Source Name Value Confidence Vendor file name error_prone_annotations High Vendor jar package name annotations Highest Vendor jar package name errorprone Highest Vendor jar package name google Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://errorprone.info/error_prone_annotations Low Vendor Manifest bundle-symbolicname com.google.errorprone.annotations Medium Vendor Manifest multi-release true Low Vendor pom artifactid error_prone_annotations Highest Vendor pom artifactid error_prone_annotations Low Vendor pom groupid com.google.errorprone Highest Vendor pom name error-prone annotations High Vendor pom parent-artifactid error_prone_parent Low Product file name error_prone_annotations High Product jar package name annotations Highest Product jar package name errorprone Highest Product jar package name google Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://errorprone.info/error_prone_annotations Low Product Manifest Bundle-Name error-prone annotations Medium Product Manifest bundle-symbolicname com.google.errorprone.annotations Medium Product Manifest multi-release true Low Product pom artifactid error_prone_annotations Highest Product pom groupid com.google.errorprone Highest Product pom name error-prone annotations High Product pom parent-artifactid error_prone_parent Medium Version file version 2.46.0 High Version Manifest Bundle-Version 2.46.0 High Version pom version 2.46.0 Highest
pkg:maven/com.google.errorprone/error_prone_annotations@2.46.0
(Confidence :High)
Description:
A set of annotations that provide additional information to the J2ObjC
translator to modify the result of translation.
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/j2objc/j2objc-annotations/3.1/j2objc-annotations-3.1.jar
MD5: abe8bd3abff622b9a8b15c3a737aa741
SHA1: a892ca9507839bbdb900d64310ac98256cab992f
SHA256: 84d3a150518485f8140ea99b8a985656749629f6433c92b80c75b36aba3b099b
Referenced In Project/Scope: waffle-shiro-jakarta:provided
j2objc-annotations-3.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-shiro-jakarta@3.6.0-SNAPSHOT
Evidence
Type Source Name Value Confidence Vendor file name j2objc-annotations High Vendor jar package name annotations Highest Vendor jar package name google Highest Vendor jar package name j2objc Highest Vendor Manifest build-jdk-spec 22 Low Vendor Manifest multi-release true Low Vendor pom artifactid j2objc-annotations Highest Vendor pom artifactid j2objc-annotations Low Vendor pom developer email tball@google.com Low Vendor pom developer id tomball Medium Vendor pom developer name Tom Ball Medium Vendor pom developer org Google Medium Vendor pom developer org URL https://www.google.com Medium Vendor pom groupid com.google.j2objc Highest Vendor pom name J2ObjC Annotations High Vendor pom url google/j2objc/ Highest Product file name j2objc-annotations High Product jar package name annotations Highest Product jar package name google Highest Product jar package name j2objc Highest Product Manifest build-jdk-spec 22 Low Product Manifest multi-release true Low Product pom artifactid j2objc-annotations Highest Product pom developer email tball@google.com Low Product pom developer id tomball Low Product pom developer name Tom Ball Low Product pom developer org Google Low Product pom developer org URL https://www.google.com Low Product pom groupid com.google.j2objc Highest Product pom name J2ObjC Annotations High Product pom url google/j2objc/ High Version file version 3.1 High Version pom version 3.1 Highest
pkg:maven/com.google.j2objc/j2objc-annotations@3.1
(Confidence :High)
Description:
Jakarta Servlet 6.1
License:
EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html
File Path: /home/runner/.m2/repository/jakarta/servlet/jakarta.servlet-api/6.1.0/jakarta.servlet-api-6.1.0.jar
MD5: 314c930b3e40ac1abc3529c7c9942f09
SHA1: 1169a246913fe3823782af7943e7a103634867c5
SHA256: 8a31f465f3593bf2351531a5c952014eb839da96a605b5825b93dd54714c48c4
Referenced In Project/Scope: waffle-shiro-jakarta:provided
jakarta.servlet-api-6.1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-shiro-jakarta@3.6.0-SNAPSHOT
Evidence
Type Source Name Value Confidence Vendor file name jakarta.servlet-api High Vendor jar package name jakarta Highest Vendor jar package name servlet Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname jakarta.servlet-api Medium Vendor Manifest extension-name jakarta.servlet Medium Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id org.eclipse Medium Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid jakarta.servlet-api Highest Vendor pom artifactid jakarta.servlet-api Low Vendor pom developer id yaminikb Medium Vendor pom developer name Yamini K B Medium Vendor pom developer org Oracle Corporation Medium Vendor pom developer org URL http://www.oracle.com/ Medium Vendor pom groupid jakarta.servlet Highest Vendor pom name Jakarta Servlet High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor pom url https://projects.eclipse.org/projects/ee4j.servlet Highest Product file name jakarta.servlet-api High Product jar package name jakarta Highest Product jar package name servlet Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Jakarta Servlet Medium Product Manifest bundle-symbolicname jakarta.servlet-api Medium Product Manifest extension-name jakarta.servlet Medium Product pom artifactid jakarta.servlet-api Highest Product pom developer id yaminikb Low Product pom developer name Yamini K B Low Product pom developer org Oracle Corporation Low Product pom developer org URL http://www.oracle.com/ Low Product pom groupid jakarta.servlet Highest Product pom name Jakarta Servlet High Product pom parent-artifactid project Medium Product pom parent-groupid org.eclipse.ee4j Medium Product pom url https://projects.eclipse.org/projects/ee4j.servlet Medium Version file version 6.1.0 High Version Manifest Bundle-Version 6.1.0 High Version Manifest Implementation-Version 6.1.0 High Version pom parent-version 6.1.0 Low Version pom version 6.1.0 Highest
pkg:maven/jakarta.servlet/jakarta.servlet-api@6.1.0
(Confidence :High)
cpe:2.3:a:oracle:projects:6.1.0:*:*:*:*:*:*:*
(Confidence :Low)
suppress
Description:
Java Native Access
License:
LGPL-2.1-or-later: https://www.gnu.org/licenses/old-licenses/lgpl-2.1
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.18.1/jna-5.18.1.jar
MD5: cb531ec131e1c68c045b5d45fe5b9878
SHA1: b27ba04287cc4abe769642fe8318d39fc89bf937
SHA256: 260c4b1e22b1db9e110ee441c4f13ce115f841fa48c41d78750986214b395557
Referenced In Project/Scope: waffle-shiro-jakarta:compile
jna-5.18.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-jna-jakarta@3.6.0-SNAPSHOT
Evidence
Type Source Name Value Confidence Vendor file name jna High Vendor jar package name jna Highest Vendor jar package name native Highest Vendor jar package name sun Highest Vendor jar (hint) package name oracle Highest Vendor Manifest automatic-module-name com.sun.jna Medium Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-category jni Low Vendor Manifest bundle-nativecode com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win32, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win32, com/sun/jna/win32-aarch64/jnidispatch.dll; processor=aarch64;osname=win32, com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win, com/sun/jna/win32-aarch64/jnidispatch.dll; processor=aarch64;osname=win, com/sun/jna/w32ce-arm/jnidispatch.dll; processor=arm;osname=wince, com/sun/jna/sunos-x86/libjnidispatch.so; processor=x86;osname=sunos, com/sun/jna/sunos-x86-64/libjnidispatch.so; processor=x86-64;osname=sunos, com/sun/jna/sunos-sparc/libjnidispatch.so; processor=sparc;osname=sunos, com/sun/jna/sunos-sparcv9/libjnidispatch.so; processor=sparcv9;osname=sunos, com/sun/jna/aix-ppc/libjnidispatch.a; processor=ppc;osname=aix, com/sun/jna/aix-ppc64/libjnidispatch.a; processor=ppc64;osname=aix, com/sun/jna/linux-ppc/libjnidispatch.so; processor=ppc;osname=linux, com/sun/jna/linux-ppc64/libjnidispatch.so; processor=ppc64;osname=linux, com/sun/jna/linux-ppc64le/libjnidispatch.so; processor=ppc64le;osname=linux, com/sun/jna/linux-x86/libjnidispatch.so; processor=x86;osname=linux, com/sun/jna/linux-x86-64/libjnidispatch.so; processor=x86-64;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm_le;osname=linux, com/sun/jna/linux-armel/libjnidispatch.so; processor=armel;osname=linux, com/sun/jna/linux-aarch64/libjnidispatch.so; processor=aarch64;osname=linux, com/sun/jna/linux-ia64/libjnidispatch.so; processor=ia64;osname=linux, com/sun/jna/linux-sparcv9/libjnidispatch.so; processor=sparcv9;osname=linux, com/sun/jna/linux-mips64el/libjnidispatch.so; processor=mips64el;osname=linux, com/sun/jna/linux-s390x/libjnidispatch.so; processor=S390x;osname=linux, com/sun/jna/linux-loongarch64/libjnidispatch.so; processor=loongarch64;osname=linux, com/sun/jna/linux-riscv64/libjnidispatch.so; processor=riscv64;osname=linux, com/sun/jna/dragonflybsd-x86-64/libjnidispatch.so; processor=x86-64;osname=dragonflybsd, com/sun/jna/freebsd-x86/libjnidispatch.so; processor=x86;osname=freebsd, com/sun/jna/freebsd-x86-64/libjnidispatch.so; processor=x86-64;osname=freebsd, com/sun/jna/freebsd-aarch64/libjnidispatch.so; processor=aarch64;osname=freebsd, com/sun/jna/freebsd-ppc64le/libjnidispatch.so; processor=ppc64le;osname=freebsd, com/sun/jna/freebsd-ppc64/libjnidispatch.so; processor=ppc64;osname=freebsd, com/sun/jna/openbsd-x86/libjnidispatch.so; processor=x86;osname=openbsd, com/sun/jna/openbsd-x86-64/libjnidispatch.so; processor=x86-64;osname=openbsd, com/sun/jna/darwin-ppc/libjnidispatch.jnilib; osname=macosx;processor=ppc, com/sun/jna/darwin-ppc64/libjnidispatch.jnilib; osname=macosx;processor=ppc64, com/sun/jna/darwin-x86/libjnidispatch.jnilib; osname=macosx;processor=x86, com/sun/jna/darwin-x86-64/libjnidispatch.jnilib; osname=macosx;processor=x86-64, com/sun/jna/darwin-aarch64/libjnidispatch.jnilib; osname=macosx;processor=aarch64 Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Vendor Manifest bundle-symbolicname com.sun.jna Medium Vendor Manifest Implementation-Vendor JNA Development Team High Vendor Manifest specification-vendor JNA Development Team Low Vendor pom artifactid jna Highest Vendor pom artifactid jna Low Vendor pom developer email mblaesing@doppel-helix.eu Low Vendor pom developer id twall Medium Vendor pom developer name Matthias Bläsing Medium Vendor pom developer name Timothy Wall Medium Vendor pom groupid net.java.dev.jna Highest Vendor pom name Java Native Access High Vendor pom url java-native-access/jna Highest Product file name jna High Product jar package name jna Highest Product jar package name library Highest Product jar package name native Highest Product jar package name sun Highest Product jar package name win32 Highest Product Manifest automatic-module-name com.sun.jna Medium Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-category jni Low Product Manifest Bundle-Name jna Medium Product Manifest bundle-nativecode com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win32, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win32, com/sun/jna/win32-aarch64/jnidispatch.dll; processor=aarch64;osname=win32, com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win, com/sun/jna/win32-aarch64/jnidispatch.dll; processor=aarch64;osname=win, com/sun/jna/w32ce-arm/jnidispatch.dll; processor=arm;osname=wince, com/sun/jna/sunos-x86/libjnidispatch.so; processor=x86;osname=sunos, com/sun/jna/sunos-x86-64/libjnidispatch.so; processor=x86-64;osname=sunos, com/sun/jna/sunos-sparc/libjnidispatch.so; processor=sparc;osname=sunos, com/sun/jna/sunos-sparcv9/libjnidispatch.so; processor=sparcv9;osname=sunos, com/sun/jna/aix-ppc/libjnidispatch.a; processor=ppc;osname=aix, com/sun/jna/aix-ppc64/libjnidispatch.a; processor=ppc64;osname=aix, com/sun/jna/linux-ppc/libjnidispatch.so; processor=ppc;osname=linux, com/sun/jna/linux-ppc64/libjnidispatch.so; processor=ppc64;osname=linux, com/sun/jna/linux-ppc64le/libjnidispatch.so; processor=ppc64le;osname=linux, com/sun/jna/linux-x86/libjnidispatch.so; processor=x86;osname=linux, com/sun/jna/linux-x86-64/libjnidispatch.so; processor=x86-64;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm_le;osname=linux, com/sun/jna/linux-armel/libjnidispatch.so; processor=armel;osname=linux, com/sun/jna/linux-aarch64/libjnidispatch.so; processor=aarch64;osname=linux, com/sun/jna/linux-ia64/libjnidispatch.so; processor=ia64;osname=linux, com/sun/jna/linux-sparcv9/libjnidispatch.so; processor=sparcv9;osname=linux, com/sun/jna/linux-mips64el/libjnidispatch.so; processor=mips64el;osname=linux, com/sun/jna/linux-s390x/libjnidispatch.so; processor=S390x;osname=linux, com/sun/jna/linux-loongarch64/libjnidispatch.so; processor=loongarch64;osname=linux, com/sun/jna/linux-riscv64/libjnidispatch.so; processor=riscv64;osname=linux, com/sun/jna/dragonflybsd-x86-64/libjnidispatch.so; processor=x86-64;osname=dragonflybsd, com/sun/jna/freebsd-x86/libjnidispatch.so; processor=x86;osname=freebsd, com/sun/jna/freebsd-x86-64/libjnidispatch.so; processor=x86-64;osname=freebsd, com/sun/jna/freebsd-aarch64/libjnidispatch.so; processor=aarch64;osname=freebsd, com/sun/jna/freebsd-ppc64le/libjnidispatch.so; processor=ppc64le;osname=freebsd, com/sun/jna/freebsd-ppc64/libjnidispatch.so; processor=ppc64;osname=freebsd, com/sun/jna/openbsd-x86/libjnidispatch.so; processor=x86;osname=openbsd, com/sun/jna/openbsd-x86-64/libjnidispatch.so; processor=x86-64;osname=openbsd, com/sun/jna/darwin-ppc/libjnidispatch.jnilib; osname=macosx;processor=ppc, com/sun/jna/darwin-ppc64/libjnidispatch.jnilib; osname=macosx;processor=ppc64, com/sun/jna/darwin-x86/libjnidispatch.jnilib; osname=macosx;processor=x86, com/sun/jna/darwin-x86-64/libjnidispatch.jnilib; osname=macosx;processor=x86-64, com/sun/jna/darwin-aarch64/libjnidispatch.jnilib; osname=macosx;processor=aarch64 Low Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Product Manifest bundle-symbolicname com.sun.jna Medium Product Manifest Implementation-Title com.sun.jna High Product Manifest specification-title Java Native Access (JNA) Medium Product pom artifactid jna Highest Product pom developer email mblaesing@doppel-helix.eu Low Product pom developer id twall Low Product pom developer name Matthias Bläsing Low Product pom developer name Timothy Wall Low Product pom groupid net.java.dev.jna Highest Product pom name Java Native Access High Product pom url java-native-access/jna High Version file version 5.18.1 High Version Manifest Bundle-Version 5.18.1 High Version pom version 5.18.1 Highest
pkg:maven/net.java.dev.jna/jna@5.18.1
(Confidence :High)
cpe:2.3:a:oracle:java_se:5.18.1:*:*:*:*:*:*:*
(Confidence :Low)
suppress
File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.18.1/jna-5.18.1.jar/com/sun/jna/win32-aarch64/jnidispatch.dllMD5: 302945a811fd8e21bcdd5226c73b6f74SHA1: 6b05e299ff2b3eb3b7b7aeac44263f715693607cSHA256: b8f98be314234cf12b5b46c29652f70c0f6abb93ae19b63d3fe2692062aa699d
Referenced In Project/Scope: waffle-shiro-jakarta:compile
Evidence
Type Source Name Value Confidence Vendor file name jnidispatch High Product file name jnidispatch High
File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.18.1/jna-5.18.1.jar/com/sun/jna/win32-x86-64/jnidispatch.dllMD5: 2d2475f1f026dd54e9f3e787ae4f81daSHA1: 27ff882ac271db547aee520b38e3ba9aa91e136cSHA256: 5a7ff949f6d93d86491eb5b26b1cfc60051168a60622650224b89995ac420023
Referenced In Project/Scope: waffle-shiro-jakarta:compile
Evidence
Type Source Name Value Confidence Vendor file name jnidispatch High Product file name jnidispatch High
File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.18.1/jna-5.18.1.jar/com/sun/jna/win32-x86/jnidispatch.dllMD5: 0caa1ef75a807f9dde05084fa2219a5cSHA1: 2f5e1cd82cde192905c7510ce99037b67d980640SHA256: 752d597cee7e95cb517327146bf42f124c0d6c0bc48b3ecc3b1b3b0531a52f44
Referenced In Project/Scope: waffle-shiro-jakarta:compile
Evidence
Type Source Name Value Confidence Vendor file name jnidispatch High Product file name jnidispatch High
Description:
Java Native Access Platform
License:
LGPL-2.1-or-later: https://www.gnu.org/licenses/old-licenses/lgpl-2.1
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/net/java/dev/jna/jna-platform/5.18.1/jna-platform-5.18.1.jar
MD5: a7af00779ec98bfe22dfb07b1532830d
SHA1: dd817f391efc492041c9ae91127527c13750a789
SHA256: ad14c1b1ec4f43d396231219dfa635ebf828f738eac9f890ea1bc07795892d9a
Referenced In Project/Scope: waffle-shiro-jakarta:compile
jna-platform-5.18.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-jna-jakarta@3.6.0-SNAPSHOT
Evidence
Type Source Name Value Confidence Vendor file name jna-platform High Vendor jar package name jna Highest Vendor jar package name platform Highest Vendor jar package name sun Highest Vendor jar (hint) package name oracle Highest Vendor Manifest automatic-module-name com.sun.jna.platform Medium Vendor Manifest bundle-category jni Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.4 Low Vendor Manifest bundle-symbolicname com.sun.jna.platform Medium Vendor Manifest Implementation-Vendor JNA Development Team High Vendor Manifest specification-vendor JNA Development Team Low Vendor pom artifactid jna-platform Highest Vendor pom artifactid jna-platform Low Vendor pom developer email mblaesing@doppel-helix.eu Low Vendor pom developer id twall Medium Vendor pom developer name Matthias Bläsing Medium Vendor pom developer name Timothy Wall Medium Vendor pom groupid net.java.dev.jna Highest Vendor pom name Java Native Access Platform High Vendor pom url java-native-access/jna Highest Product file name jna-platform High Product jar package name jna Highest Product jar package name platform Highest Product jar package name sun Highest Product Manifest automatic-module-name com.sun.jna.platform Medium Product Manifest bundle-category jni Low Product Manifest Bundle-Name jna-platform Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.4 Low Product Manifest bundle-symbolicname com.sun.jna.platform Medium Product Manifest Implementation-Title com.sun.jna High Product Manifest specification-title Java Native Access (JNA) Medium Product pom artifactid jna-platform Highest Product pom developer email mblaesing@doppel-helix.eu Low Product pom developer id twall Low Product pom developer name Matthias Bläsing Low Product pom developer name Timothy Wall Low Product pom groupid net.java.dev.jna Highest Product pom name Java Native Access Platform High Product pom url java-native-access/jna High Version file version 5.18.1 High Version Manifest Bundle-Version 5.18.1 High Version pom version 5.18.1 Highest
pkg:maven/net.java.dev.jna/jna-platform@5.18.1
(Confidence :High)
Description:
An artifact of well-named and well-specified annotations to power static analysis checks
License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/jspecify/jspecify/1.0.0/jspecify-1.0.0.jar
MD5: 9133aba420d0ca3b001dbb6ae9992cf6
SHA1: 7425a601c1c7ec76645a78d22b8c6a627edee507
SHA256: 1fad6e6be7557781e4d33729d49ae1cdc8fdda6fe477bb0cc68ce351eafdfbab
Referenced In Project/Scope: waffle-shiro-jakarta:compile
jspecify-1.0.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.junit.jupiter/junit-jupiter-engine@6.0.2
Evidence
Type Source Name Value Confidence Vendor file name jspecify High Vendor jar package name annotations Highest Vendor jar package name jspecify Highest Vendor Manifest bundle-docurl https://jspecify.dev/docs/start-here Low Vendor Manifest bundle-symbolicname org.jspecify.jspecify Medium Vendor Manifest multi-release true Low Vendor pom artifactid jspecify Highest Vendor pom artifactid jspecify Low Vendor pom developer email kevinb9n@gmail.com Low Vendor pom developer id kevinb9n Medium Vendor pom developer name Kevin Bourrillion Medium Vendor pom groupid org.jspecify Highest Vendor pom name JSpecify annotations High Vendor pom url http://jspecify.org/ Highest Product file name jspecify High Product jar package name annotations Highest Product jar package name jspecify Highest Product Manifest bundle-docurl https://jspecify.dev/docs/start-here Low Product Manifest Bundle-Name JSpecify annotations Medium Product Manifest bundle-symbolicname org.jspecify.jspecify Medium Product Manifest multi-release true Low Product pom artifactid jspecify Highest Product pom developer email kevinb9n@gmail.com Low Product pom developer id kevinb9n Low Product pom developer name Kevin Bourrillion Low Product pom groupid org.jspecify Highest Product pom name JSpecify annotations High Product pom url http://jspecify.org/ Medium Version file version 1.0.0 High Version Manifest Bundle-Version 1.0.0 High Version Manifest Implementation-Version 1.0.0 High Version pom version 1.0.0 Highest
pkg:maven/org.jspecify/jspecify@1.0.0
(Confidence :High)
Description:
JSR305 Annotations for Findbugs
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256: 766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope: waffle-shiro-jakarta:provided
jsr305-3.0.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.8
Evidence
Type Source Name Value Confidence Vendor file name jsr305 High Vendor Manifest bundle-symbolicname org.jsr-305 Medium Vendor pom artifactid jsr305 Highest Vendor pom artifactid jsr305 Low Vendor pom groupid com.google.code.findbugs Highest Vendor pom name FindBugs-jsr305 High Vendor pom url http://findbugs.sourceforge.net/ Highest Product file name jsr305 High Product Manifest Bundle-Name FindBugs-jsr305 Medium Product Manifest bundle-symbolicname org.jsr-305 Medium Product pom artifactid jsr305 Highest Product pom groupid com.google.code.findbugs Highest Product pom name FindBugs-jsr305 High Product pom url http://findbugs.sourceforge.net/ Medium Version file version 3.0.2 High Version Manifest Bundle-Version 3.0.2 High Version pom version 3.0.2 Highest
pkg:maven/com.google.code.findbugs/jsr305@3.0.2
(Confidence :High)
Description:
Apache Shiro is a powerful and flexible open-source security framework that cleanly handles authentication, authorization, enterprise session management, single sign-on and cryptography services.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/shiro/shiro-core/2.0.6/shiro-core-2.0.6.jar
MD5: 871ecbaf423e1bca627a48e408c64a3c
SHA1: cd7aaf8c3caf0b62d9cacd87aa8461eac18ed58f
SHA256: 608d062c214c06d917bf65dd4155bdcbe45a058562c73341b50455d50e1d3af7
Referenced In Project/Scope: waffle-shiro-jakarta:provided
shiro-core-2.0.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.shiro/shiro-web@2.0.6
Evidence
Type Source Name Value Confidence Vendor file name shiro-core High Vendor jar package name apache Highest Vendor jar package name shiro Highest Vendor Manifest automatic-module-name org.apache.shiro.core Medium Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://www.apache.org/ Low Vendor Manifest bundle-symbolicname org.apache.shiro.core Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid shiro-core Highest Vendor pom artifactid shiro-core Low Vendor pom groupid org.apache.shiro Highest Vendor pom name Apache Shiro :: Core High Vendor pom parent-artifactid shiro-root Low Product file name shiro-core High Product jar package name apache Highest Product jar package name session Highest Product jar package name shiro Highest Product Manifest automatic-module-name org.apache.shiro.core Medium Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://www.apache.org/ Low Product Manifest Bundle-Name Apache Shiro :: Core Medium Product Manifest bundle-symbolicname org.apache.shiro.core Medium Product Manifest Implementation-Title Apache Shiro :: Core High Product Manifest specification-title Apache Shiro :: Core Medium Product pom artifactid shiro-core Highest Product pom groupid org.apache.shiro Highest Product pom name Apache Shiro :: Core High Product pom parent-artifactid shiro-root Medium Version file version 2.0.6 High Version Manifest Bundle-Version 2.0.6 High Version Manifest Implementation-Version 2.0.6 High Version pom version 2.0.6 Highest
Related Dependencies
shiro-cache-2.0.6.jar
File Path: /home/runner/.m2/repository/org/apache/shiro/shiro-cache/2.0.6/shiro-cache-2.0.6.jar
MD5: a324753678a847344061eb86d04f4de6
SHA1: 74b6f5b67e9fe4f3bdd4d588b9d5b7da4a3c4526
SHA256: 9af4ce3a891486a34abadbcf95226cba7364d3c6c7f009abf1b07218c01104ac
pkg:maven/org.apache.shiro/shiro-cache@2.0.6
shiro-config-core-2.0.6.jar
File Path: /home/runner/.m2/repository/org/apache/shiro/shiro-config-core/2.0.6/shiro-config-core-2.0.6.jar
MD5: 6dd6aa0acd6f085d702381f261449e78
SHA1: 8ff308869ff5f678cf5078942e604ecb8491f564
SHA256: 3c6b46747f9530a73c3423d028c75c8341b783a2a1e9fccb35182271218dbc80
pkg:maven/org.apache.shiro/shiro-config-core@2.0.6
shiro-config-ogdl-2.0.6.jar
File Path: /home/runner/.m2/repository/org/apache/shiro/shiro-config-ogdl/2.0.6/shiro-config-ogdl-2.0.6.jar
MD5: 6c9a4fa85a15b824811df87471017d36
SHA1: 4f129c67d095c192dfe107856586b257a541bacf
SHA256: bb7792c72f76e3b39e2fb67c603db7d829d489ad6449db89c0ea6fd296ef56a5
pkg:maven/org.apache.shiro/shiro-config-ogdl@2.0.6
shiro-crypto-cipher-2.0.6.jar
File Path: /home/runner/.m2/repository/org/apache/shiro/shiro-crypto-cipher/2.0.6/shiro-crypto-cipher-2.0.6.jar
MD5: 04c44dee1f7d83e75beea8ba64ab32e2
SHA1: 66565b81e59123b38aab8f5e4ab09f38ac154915
SHA256: 5fc0efc0027fd80e1b5db8d8d4d69e27969aeb105bd24cbac10c7b5710295629
pkg:maven/org.apache.shiro/shiro-crypto-cipher@2.0.6
shiro-crypto-core-2.0.6.jar
File Path: /home/runner/.m2/repository/org/apache/shiro/shiro-crypto-core/2.0.6/shiro-crypto-core-2.0.6.jar
MD5: 03cbe403fd7ed5dc9d625739b8f9d2f9
SHA1: 88ac372ac0423f994bdbe4419dc0138ec583611d
SHA256: 48315ef810d73edad778ecb872de794ef32cf97e8f6a3b9d3e6104dc71609a80
pkg:maven/org.apache.shiro/shiro-crypto-core@2.0.6
shiro-crypto-hash-2.0.6.jar
File Path: /home/runner/.m2/repository/org/apache/shiro/shiro-crypto-hash/2.0.6/shiro-crypto-hash-2.0.6.jar
MD5: 395cc6f3d14ceb4b98bee06e237dcd1a
SHA1: 904c0e02fb51b0ecdcd0e438d08f3544830f7f07
SHA256: 77f85d8afb628bc2753a175622a02dde2224781fed1595007c351072034cda23
pkg:maven/org.apache.shiro/shiro-crypto-hash@2.0.6
shiro-event-2.0.6.jar
File Path: /home/runner/.m2/repository/org/apache/shiro/shiro-event/2.0.6/shiro-event-2.0.6.jar
MD5: 438fc8f37f5f6bf26e1979bb0326a615
SHA1: 3e9afc9932538773d06d3817292f13c49723fa7f
SHA256: bac2adb0caa353c526b00908f9006cc015f1c63e33f5505997ca61a42ef5cab5
pkg:maven/org.apache.shiro/shiro-event@2.0.6
shiro-hashes-argon2-2.0.6.jar
File Path: /home/runner/.m2/repository/org/apache/shiro/crypto/shiro-hashes-argon2/2.0.6/shiro-hashes-argon2-2.0.6.jar
MD5: e2d7040994d3bbfa8de375f8e827af4b
SHA1: ce2b0a02f807ce2628946b496b564dc578f946b3
SHA256: f5332823be5eb176d57eb4d5aa4e401290ab1ea145c8dce5c635c2b4991346d9
pkg:maven/org.apache.shiro.crypto/shiro-hashes-argon2@2.0.6
shiro-hashes-bcrypt-2.0.6.jar
File Path: /home/runner/.m2/repository/org/apache/shiro/crypto/shiro-hashes-bcrypt/2.0.6/shiro-hashes-bcrypt-2.0.6.jar
MD5: f4a6dde4613251920b5d78dce7f7332b
SHA1: f601cccf83770c5a7f1cc7eda8fd00e83129c67a
SHA256: 2bf0bb5f313899cf6901802481cd72365b3ed64a46d6b190dfb5d7688bd30a7b
pkg:maven/org.apache.shiro.crypto/shiro-hashes-bcrypt@2.0.6
shiro-lang-2.0.6.jar
File Path: /home/runner/.m2/repository/org/apache/shiro/shiro-lang/2.0.6/shiro-lang-2.0.6.jar
MD5: f230014b0bc57d02efec7212d20dd27f
SHA1: 8254ec6dbcfa756d38344e9e94d34185d7186aa9
SHA256: 7c7a9911c95b3487c70651b3915d609da378f8be1467bc1cd3c89cb02fed84e0
pkg:maven/org.apache.shiro/shiro-lang@2.0.6
shiro-web-2.0.6-jakarta.jar
File Path: /home/runner/.m2/repository/org/apache/shiro/shiro-web/2.0.6/shiro-web-2.0.6-jakarta.jar
MD5: 6c9723d2cc24a93b3dd363df7e46423f
SHA1: 9d4cc8e4a3627415acde7248e284b9f8a2f4cdc9
SHA256: b53ce6534c54fa9d80ec52147f93697ae2da80a63660bf9d2048332e4aac64f2
pkg:maven/org.apache.shiro/shiro-web@2.0.6
Description:
The slf4j API
License:
https://opensource.org/license/mit File Path: /home/runner/.m2/repository/org/slf4j/slf4j-api/2.0.17/slf4j-api-2.0.17.jar
MD5: b6480d114a23683498ac3f746f959d2f
SHA1: d9e58ac9c7779ba3bf8142aff6c830617a7fe60f
SHA256: 7b751d952061954d5abfed7181c1f645d336091b679891591d63329c622eb832
Referenced In Project/Scope: waffle-shiro-jakarta:compile
slf4j-api-2.0.17.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-jna-jakarta@3.6.0-SNAPSHOT
Evidence
Type Source Name Value Confidence Vendor file name slf4j-api High Vendor jar package name slf4j Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://www.slf4j.org Low Vendor Manifest bundle-symbolicname slf4j.api Medium Vendor Manifest multi-release true Low Vendor pom artifactid slf4j-api Highest Vendor pom artifactid slf4j-api Low Vendor pom groupid org.slf4j Highest Vendor pom name SLF4J API Module High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name slf4j-api High Product jar package name slf4j Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://www.slf4j.org Low Product Manifest Bundle-Name SLF4J API Module Medium Product Manifest bundle-symbolicname slf4j.api Medium Product Manifest Implementation-Title slf4j-api High Product Manifest multi-release true Low Product pom artifactid slf4j-api Highest Product pom groupid org.slf4j Highest Product pom name SLF4J API Module High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 2.0.17 High Version Manifest Bundle-Version 2.0.17 High Version Manifest Implementation-Version 2.0.17 High Version pom version 2.0.17 Highest
pkg:maven/org.slf4j/slf4j-api@2.0.17
(Confidence :High)
Description:
Annotations the SpotBugs tool supports
License:
GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html
File Path: /home/runner/.m2/repository/com/github/spotbugs/spotbugs-annotations/4.9.8/spotbugs-annotations-4.9.8.jar
MD5: d4c2e7bd090be697ad409a4e75684a94
SHA1: ca4a2783a6123e67124fd7feb4caccd2e2ac9a73
SHA256: 6f69d6fe9c55a54dcb30e87d8fa2d5f52246af50d7a3445246d9539ef221be1c
Referenced In Project/Scope: waffle-shiro-jakarta:provided
spotbugs-annotations-4.9.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-shiro-jakarta@3.6.0-SNAPSHOT
Evidence
Type Source Name Value Confidence Vendor file name spotbugs-annotations High Vendor Manifest automatic-module-name com.github.spotbugs.annotations Medium Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-symbolicname spotbugs-annotations Medium Vendor pom artifactid spotbugs-annotations Highest Vendor pom artifactid spotbugs-annotations Low Vendor pom developer email andreas.sewe@codetrails.com Low Vendor pom developer email dbrosius@mebigfatguy.com Low Vendor pom developer email loskutov@gmx.de Low Vendor pom developer email skypencil@gmail.com Low Vendor pom developer id henrik242 Medium Vendor pom developer id iloveeclipse Medium Vendor pom developer id jsotuyod Medium Vendor pom developer id KengoTODA Medium Vendor pom developer id mebigfatguy Medium Vendor pom developer id sewe Medium Vendor pom developer id ThrawnCA Medium Vendor pom developer name Andreas Sewe Medium Vendor pom developer name Andrey Loskutov Medium Vendor pom developer name Dave Brosius Medium Vendor pom developer name Juan Martín Sotuyo Dodero Medium Vendor pom developer name Kengo TODA Medium Vendor pom groupid com.github.spotbugs Highest Vendor pom name SpotBugs Annotations High Vendor pom url https://spotbugs.github.io/ Highest Product file name spotbugs-annotations High Product Manifest automatic-module-name com.github.spotbugs.annotations Medium Product Manifest Bundle-Name spotbugs-annotations Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product Manifest bundle-symbolicname spotbugs-annotations Medium Product pom artifactid spotbugs-annotations Highest Product pom developer email andreas.sewe@codetrails.com Low Product pom developer email dbrosius@mebigfatguy.com Low Product pom developer email loskutov@gmx.de Low Product pom developer email skypencil@gmail.com Low Product pom developer id henrik242 Low Product pom developer id iloveeclipse Low Product pom developer id jsotuyod Low Product pom developer id KengoTODA Low Product pom developer id mebigfatguy Low Product pom developer id sewe Low Product pom developer id ThrawnCA Low Product pom developer name Andreas Sewe Low Product pom developer name Andrey Loskutov Low Product pom developer name Dave Brosius Low Product pom developer name Juan Martín Sotuyo Dodero Low Product pom developer name Kengo TODA Low Product pom groupid com.github.spotbugs Highest Product pom name SpotBugs Annotations High Product pom url https://spotbugs.github.io/ Medium Version file version 4.9.8 High Version Manifest Bundle-Version 4.9.8 High Version pom version 4.9.8 Highest
pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.8
(Confidence :High)