Dependency-Check Report

Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

Scan Information (show all):

dependency-check version: 8.0.1
Report Generated On: Sat, 3 May 2025 18:00:16 GMT
Dependencies Scanned: 14 (7 unique)
Vulnerable Dependencies: 0
Vulnerabilities Found: 0
Vulnerabilities Suppressed: 0
...
CurrentEngineRelease: 12.1.0
NVD CVE Checked: 2025-05-03T17:09:51
NVD CVE Modified: 2025-05-03T16:00:01
VersionCheckOn: 2025-05-01T21:09:43
kev.checked: 1746292219

Summary

Display: Showing Vulnerable Dependencies (click to show all)

Dependency	Vulnerability IDs	Package	Confidence	Evidence Count
aspectjweaver-1.9.24.jar		pkg:maven/org.aspectj/aspectjweaver@1.9.24		49
freemarker-2.3.34.jar		pkg:maven/org.freemarker/freemarker@2.3.34		44
logback-core-1.5.18.jar	cpe:2.3:a:qos:logback:1.5.18:::::::*	pkg:maven/ch.qos.logback/logback-core@1.5.18	Highest	41
micrometer-commons-1.13.13.jar		pkg:maven/io.micrometer/micrometer-commons@1.13.13		67
micrometer-observation-1.13.13.jar		pkg:maven/io.micrometer/micrometer-observation@1.13.13		67
slf4j-api-2.0.17.jar		pkg:maven/org.slf4j/slf4j-api@2.0.17		33
spring-core-6.1.19.jar	cpe:2.3:a:pivotal_software:spring_framework:6.1.19:::::::* cpe:2.3:a:springsource:spring_framework:6.1.19:::::::* cpe:2.3:a:vmware:spring_framework:6.1.19:::::::*	pkg:maven/org.springframework/spring-core@6.1.19	Highest	41

Dependencies

aspectjweaver-1.9.24.jar

Description:

The AspectJ weaver applies aspects to Java classes. It can be used as a Java agent in order to apply load-time
		weaving (LTW) during class-loading and also contains the AspectJ runtime classes.

License:

Eclipse Public License - v 2.0: https://www.eclipse.org/org/documents/epl-2.0/EPL-2.0.txt

File Path: /opt/tomcat/.m2/repository/org/aspectj/aspectjweaver/1.9.24/aspectjweaver-1.9.24.jar
MD5: d95bb9406a5351d45a02145777b9a241
SHA1: 9b5aeb0cea9f958b9c57fb80e62996e95a3e9379
SHA256:75e4227fb7dc5f97c3d4689cd1c2439f4db0bd18cea2fa242c4656cd93c599aa
Referenced In Project/Scope: Commons Services:compile
pkg:maven/net.andresbustamante/y-a-foot-commons-services@2.0.0-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	aspectjweaver	High
Vendor	jar	package name	agent	Highest
Vendor	jar	package name	and	Highest
Vendor	jar	package name	aspectj	Highest
Vendor	jar	package name	aspects	Highest
Vendor	jar	package name	ltw	Highest
Vendor	jar	package name	org	Highest
Vendor	jar	package name	runtime	Highest
Vendor	jar	package name	weaver	Highest
Vendor	Manifest	automatic-module-name	org.aspectj.weaver	Medium
Vendor	Manifest	can-redefine-classes	true	Low
Vendor	manifest: org/aspectj/weaver/	Implementation-Vendor	https://www.eclipse.org/aspectj/	Medium
Vendor	pom	artifactid	aspectjweaver	Highest
Vendor	pom	artifactid	aspectjweaver	Low
Vendor	pom	developer email	aclement@vmware.com	Low
Vendor	pom	developer email	kriegaex@aspectj.dev	Low
Vendor	pom	developer id	aclement	Medium
Vendor	pom	developer id	kriegaex	Medium
Vendor	pom	developer name	Alexander Kriegisch	Medium
Vendor	pom	developer name	Andy Clement	Medium
Vendor	pom	groupid	org.aspectj	Highest
Vendor	pom	name	AspectJ Weaver	High
Vendor	pom	url	https://www.eclipse.org/aspectj/	Highest
Product	file	name	aspectjweaver	High
Product	jar	package name	agent	Highest
Product	jar	package name	and	Highest
Product	jar	package name	aspectj	Highest
Product	jar	package name	aspects	Highest
Product	jar	package name	ltw	Highest
Product	jar	package name	org	Highest
Product	jar	package name	runtime	Highest
Product	jar	package name	weaver	Highest
Product	Manifest	automatic-module-name	org.aspectj.weaver	Medium
Product	Manifest	can-redefine-classes	true	Low
Product	manifest: org/aspectj/weaver/	Implementation-Title	org.aspectj.weaver	Medium
Product	manifest: org/aspectj/weaver/	Specification-Title	AspectJ Weaver Classes	Medium
Product	pom	artifactid	aspectjweaver	Highest
Product	pom	developer email	aclement@vmware.com	Low
Product	pom	developer email	kriegaex@aspectj.dev	Low
Product	pom	developer id	aclement	Low
Product	pom	developer id	kriegaex	Low
Product	pom	developer name	Alexander Kriegisch	Low
Product	pom	developer name	Andy Clement	Low
Product	pom	groupid	org.aspectj	Highest
Product	pom	name	AspectJ Weaver	High
Product	pom	url	https://www.eclipse.org/aspectj/	Medium
Version	file	version	1.9.24	High
Version	manifest: org/aspectj/weaver/	Implementation-Version	1.9.24	Medium
Version	pom	version	1.9.24	Highest

Identifiers

pkg:maven/org.aspectj/aspectjweaver@1.9.24 (Confidence:High)

freemarker-2.3.34.jar

Description:

    FreeMarker is a "template engine"; a generic tool to generate text output based on templates.

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /opt/tomcat/.m2/repository/org/freemarker/freemarker/2.3.34/freemarker-2.3.34.jar
MD5: 1704fd3c579385ca5fd0ebcdf50df73c
SHA1: c2fa47a1c3b6dcdfca90e952e51211967a4baa54
SHA256:9a9fb91cd64199232eb1ca9766148a5d30ef8944be5fac051018f96c70c8f6a3
Referenced In Project/Scope: Commons Services:compile
pkg:maven/net.andresbustamante/y-a-foot-commons-services@2.0.0-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	freemarker	High
Vendor	jar	package name	freemarker	Highest
Vendor	jar	package name	on	Highest
Vendor	jar	package name	template	Highest
Vendor	Manifest	automatic-module-name	freemarker	Medium
Vendor	Manifest	bundle-requiredexecutionenvironment	JavaSE-16, JavaSE-15, JavaSE-14, JavaSE-13, JavaSE-12, JavaSE-11, JavaSE-10, JavaSE-9, JavaSE-1.8	Low
Vendor	Manifest	bundle-symbolicname	org.freemarker.freemarker	Medium
Vendor	Manifest	extension-name	FreeMarker	Medium
Vendor	Manifest	Implementation-Vendor	freemarker.org	High
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	require-capability	osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))"	Low
Vendor	Manifest	specification-vendor	freemarker.org	Low
Vendor	pom	artifactid	freemarker	Highest
Vendor	pom	artifactid	freemarker	Low
Vendor	pom	groupid	org.freemarker	Highest
Vendor	pom	name	Apache FreeMarker	High
Vendor	pom	organization name	Apache Software Foundation	High
Vendor	pom	organization url	http://apache.org	Medium
Vendor	pom	url	https://freemarker.apache.org/	Highest
Product	file	name	freemarker	High
Product	jar	package name	16	Highest
Product	jar	package name	9	Highest
Product	jar	package name	freemarker	Highest
Product	jar	package name	on	Highest
Product	jar	package name	template	Highest
Product	jar	package name	version	Highest
Product	Manifest	automatic-module-name	freemarker	Medium
Product	Manifest	Bundle-Name	org.freemarker.freemarker	Medium
Product	Manifest	bundle-requiredexecutionenvironment	JavaSE-16, JavaSE-15, JavaSE-14, JavaSE-13, JavaSE-12, JavaSE-11, JavaSE-10, JavaSE-9, JavaSE-1.8	Low
Product	Manifest	bundle-symbolicname	org.freemarker.freemarker	Medium
Product	Manifest	extension-name	FreeMarker	Medium
Product	Manifest	Implementation-Title	FreeMarker	High
Product	Manifest	multi-release	true	Low
Product	Manifest	require-capability	osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))"	Low
Product	Manifest	specification-title	FreeMarker	Medium
Product	pom	artifactid	freemarker	Highest
Product	pom	groupid	org.freemarker	Highest
Product	pom	name	Apache FreeMarker	High
Product	pom	organization name	Apache Software Foundation	Low
Product	pom	organization url	http://apache.org	Low
Product	pom	url	https://freemarker.apache.org/	Medium
Version	file	version	2.3.34	High
Version	Manifest	Implementation-Version	2.3.34	High
Version	pom	version	2.3.34	Highest

Identifiers

pkg:maven/org.freemarker/freemarker@2.3.34 (Confidence:High)

logback-core-1.5.18.jar

Description:

logback-core module

License:

http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html

File Path: /opt/tomcat/.m2/repository/ch/qos/logback/logback-core/1.5.18/logback-core-1.5.18.jar
MD5: 10bcea83842beead15f072799b9c923d
SHA1: 6c0375624f6f36b4e089e2488ba21334a11ef13f
SHA256:85139e7b57b464f8e5e36326dd81317648bed199ccc4f98cd42585f8d7571027
Referenced In Project/Scope: Commons Services:compile
pkg:maven/ch.qos.logback/logback-classic@1.5.18

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	logback-core	High
Vendor	jar	package name	ch	Highest
Vendor	jar	package name	core	Highest
Vendor	jar	package name	logback	Highest
Vendor	jar	package name	qos	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	http://www.qos.ch	Low
Vendor	Manifest	bundle-symbolicname	ch.qos.logback.core	Medium
Vendor	Manifest	Implementation-Vendor	QOS.ch	High
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	originally-created-by	Apache Maven Bundle Plugin 5.1.9	Low
Vendor	Manifest	require-capability	osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=11))"	Low
Vendor	Manifest	specification-vendor	QOS.ch	Low
Vendor	pom	artifactid	logback-core	Highest
Vendor	pom	artifactid	logback-core	Low
Vendor	pom	groupid	ch.qos.logback	Highest
Vendor	pom	name	Logback Core Module	High
Vendor	pom	parent-artifactid	logback-parent	Low
Product	file	name	logback-core	High
Product	jar	package name	21	Highest
Product	jar	package name	ch	Highest
Product	jar	package name	core	Highest
Product	jar	package name	logback	Highest
Product	jar	package name	qos	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	http://www.qos.ch	Low
Product	Manifest	Bundle-Name	Logback Core Module	Medium
Product	Manifest	bundle-symbolicname	ch.qos.logback.core	Medium
Product	Manifest	Implementation-Title	Logback Core Module	High
Product	Manifest	multi-release	true	Low
Product	Manifest	originally-created-by	Apache Maven Bundle Plugin 5.1.9	Low
Product	Manifest	require-capability	osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=11))"	Low
Product	Manifest	specification-title	Logback Core Module	Medium
Product	pom	artifactid	logback-core	Highest
Product	pom	groupid	ch.qos.logback	Highest
Product	pom	name	Logback Core Module	High
Product	pom	parent-artifactid	logback-parent	Medium
Version	file	version	1.5.18	High
Version	Manifest	Bundle-Version	1.5.18	High
Version	Manifest	Implementation-Version	1.5.18	High
Version	pom	version	1.5.18	Highest

Related Dependencies

Identifiers

pkg:maven/ch.qos.logback/logback-core@1.5.18 (Confidence:High)
cpe:2.3:a:qos:logback:1.5.18:*:*:*:*:*:*:* (Confidence:Highest)

micrometer-commons-1.13.13.jar

Description:

Module containing common code

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /opt/tomcat/.m2/repository/io/micrometer/micrometer-commons/1.13.13/micrometer-commons-1.13.13.jar
MD5: 3a91c7465b7ee9c005e26c3481a636b2
SHA1: 9fa147a70b0fbc237bd0ce9ec2a2fa9b33bc7bd7
SHA256:8613395fb4914819610d0b24ccf7345b30ee40e7bc08699cfcfb746bb2cb881d
Referenced In Project/Scope: Commons Services:compile
pkg:maven/org.springframework/spring-context@6.1.19

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	micrometer-commons	High
Vendor	jar	package name	common	Highest
Vendor	jar	package name	io	Highest
Vendor	jar	package name	micrometer	Highest
Vendor	Manifest	automatic-module-name	micrometer.commons	Medium
Vendor	Manifest	branch	HEAD	Low
Vendor	Manifest	build-date	2025-04-14_02:10:16	Low
Vendor	Manifest	build-date-utc	2025-04-14T02:10:16.599617231Z	Low
Vendor	Manifest	build-host	090f736fee1d	Low
Vendor	Manifest	build-job	deploy	Low
Vendor	Manifest	build-number	46030	Low
Vendor	Manifest	build-timezone	Etc/UTC	Low
Vendor	Manifest	build-url	https://circleci.com/gh/micrometer-metrics/micrometer/46030	Low
Vendor	Manifest	built-os	Linux	Low
Vendor	Manifest	built-status	release	Low
Vendor	Manifest	bundle-symbolicname	micrometer-commons	Medium
Vendor	Manifest	change	fa523b1	Low
Vendor	Manifest	full-change	fa523b1549ef38f44966c27ac921592196f09d3f	Low
Vendor	Manifest	module-email	tludwig@vmware.com	Low
Vendor	Manifest	module-origin	micrometer-metrics/micrometer.git	Low
Vendor	Manifest	module-owner	tludwig@vmware.com	Low
Vendor	Manifest	module-source	/micrometer-commons	Low
Vendor	Manifest	require-capability	osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))"	Low
Vendor	pom	artifactid	micrometer-commons	Highest
Vendor	pom	artifactid	micrometer-commons	Low
Vendor	pom	developer email	tludwig@vmware.com	Low
Vendor	pom	developer id	shakuzen	Medium
Vendor	pom	developer name	Tommy Ludwig	Medium
Vendor	pom	groupid	io.micrometer	Highest
Vendor	pom	name	micrometer-commons	High
Vendor	pom	url	micrometer-metrics/micrometer	Highest
Product	file	name	micrometer-commons	High
Product	jar	package name	common	Highest
Product	jar	package name	io	Highest
Product	jar	package name	micrometer	Highest
Product	Manifest	automatic-module-name	micrometer.commons	Medium
Product	Manifest	branch	HEAD	Low
Product	Manifest	build-date	2025-04-14_02:10:16	Low
Product	Manifest	build-date-utc	2025-04-14T02:10:16.599617231Z	Low
Product	Manifest	build-host	090f736fee1d	Low
Product	Manifest	build-job	deploy	Low
Product	Manifest	build-number	46030	Low
Product	Manifest	build-timezone	Etc/UTC	Low
Product	Manifest	build-url	https://circleci.com/gh/micrometer-metrics/micrometer/46030	Low
Product	Manifest	built-os	Linux	Low
Product	Manifest	built-status	release	Low
Product	Manifest	Bundle-Name	micrometer-commons	Medium
Product	Manifest	bundle-symbolicname	micrometer-commons	Medium
Product	Manifest	change	fa523b1	Low
Product	Manifest	full-change	fa523b1549ef38f44966c27ac921592196f09d3f	Low
Product	Manifest	Implementation-Title	io.micrometer#micrometer-commons;1.13.13	High
Product	Manifest	module-email	tludwig@vmware.com	Low
Product	Manifest	module-origin	micrometer-metrics/micrometer.git	Low
Product	Manifest	module-owner	tludwig@vmware.com	Low
Product	Manifest	module-source	/micrometer-commons	Low
Product	Manifest	require-capability	osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))"	Low
Product	pom	artifactid	micrometer-commons	Highest
Product	pom	developer email	tludwig@vmware.com	Low
Product	pom	developer id	shakuzen	Low
Product	pom	developer name	Tommy Ludwig	Low
Product	pom	groupid	io.micrometer	Highest
Product	pom	name	micrometer-commons	High
Product	pom	url	micrometer-metrics/micrometer	High
Version	file	version	1.13.13	High
Version	Manifest	Bundle-Version	1.13.13	High
Version	Manifest	Implementation-Version	1.13.13	High
Version	pom	version	1.13.13	Highest

Identifiers

pkg:maven/io.micrometer/micrometer-commons@1.13.13 (Confidence:High)

micrometer-observation-1.13.13.jar

Description:

Module containing Observation related code

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /opt/tomcat/.m2/repository/io/micrometer/micrometer-observation/1.13.13/micrometer-observation-1.13.13.jar
MD5: 5511e8e9460c294024a0789dbb015948
SHA1: 8f5dcc8e44120ac65f53cf79581ca8894c560c5b
SHA256:35b40b485eb0514ff57fa15cbcd3c0cc850a1c72421cb7090e97e8e191167b99
Referenced In Project/Scope: Commons Services:compile
pkg:maven/org.springframework/spring-context@6.1.19

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	micrometer-observation	High
Vendor	jar	package name	io	Highest
Vendor	jar	package name	micrometer	Highest
Vendor	jar	package name	observation	Highest
Vendor	Manifest	automatic-module-name	micrometer.observation	Medium
Vendor	Manifest	branch	HEAD	Low
Vendor	Manifest	build-date	2025-04-14_02:10:16	Low
Vendor	Manifest	build-date-utc	2025-04-14T02:10:16.921236628Z	Low
Vendor	Manifest	build-host	090f736fee1d	Low
Vendor	Manifest	build-job	deploy	Low
Vendor	Manifest	build-number	46030	Low
Vendor	Manifest	build-timezone	Etc/UTC	Low
Vendor	Manifest	build-url	https://circleci.com/gh/micrometer-metrics/micrometer/46030	Low
Vendor	Manifest	built-os	Linux	Low
Vendor	Manifest	built-status	release	Low
Vendor	Manifest	bundle-symbolicname	micrometer-observation	Medium
Vendor	Manifest	change	fa523b1	Low
Vendor	Manifest	full-change	fa523b1549ef38f44966c27ac921592196f09d3f	Low
Vendor	Manifest	module-email	tludwig@vmware.com	Low
Vendor	Manifest	module-origin	micrometer-metrics/micrometer.git	Low
Vendor	Manifest	module-owner	tludwig@vmware.com	Low
Vendor	Manifest	module-source	/micrometer-observation	Low
Vendor	Manifest	require-capability	osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))"	Low
Vendor	pom	artifactid	micrometer-observation	Highest
Vendor	pom	artifactid	micrometer-observation	Low
Vendor	pom	developer email	tludwig@vmware.com	Low
Vendor	pom	developer id	shakuzen	Medium
Vendor	pom	developer name	Tommy Ludwig	Medium
Vendor	pom	groupid	io.micrometer	Highest
Vendor	pom	name	micrometer-observation	High
Vendor	pom	url	micrometer-metrics/micrometer	Highest
Product	file	name	micrometer-observation	High
Product	jar	package name	io	Highest
Product	jar	package name	micrometer	Highest
Product	jar	package name	observation	Highest
Product	Manifest	automatic-module-name	micrometer.observation	Medium
Product	Manifest	branch	HEAD	Low
Product	Manifest	build-date	2025-04-14_02:10:16	Low
Product	Manifest	build-date-utc	2025-04-14T02:10:16.921236628Z	Low
Product	Manifest	build-host	090f736fee1d	Low
Product	Manifest	build-job	deploy	Low
Product	Manifest	build-number	46030	Low
Product	Manifest	build-timezone	Etc/UTC	Low
Product	Manifest	build-url	https://circleci.com/gh/micrometer-metrics/micrometer/46030	Low
Product	Manifest	built-os	Linux	Low
Product	Manifest	built-status	release	Low
Product	Manifest	Bundle-Name	micrometer-observation	Medium
Product	Manifest	bundle-symbolicname	micrometer-observation	Medium
Product	Manifest	change	fa523b1	Low
Product	Manifest	full-change	fa523b1549ef38f44966c27ac921592196f09d3f	Low
Product	Manifest	Implementation-Title	io.micrometer#micrometer-observation;1.13.13	High
Product	Manifest	module-email	tludwig@vmware.com	Low
Product	Manifest	module-origin	micrometer-metrics/micrometer.git	Low
Product	Manifest	module-owner	tludwig@vmware.com	Low
Product	Manifest	module-source	/micrometer-observation	Low
Product	Manifest	require-capability	osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))"	Low
Product	pom	artifactid	micrometer-observation	Highest
Product	pom	developer email	tludwig@vmware.com	Low
Product	pom	developer id	shakuzen	Low
Product	pom	developer name	Tommy Ludwig	Low
Product	pom	groupid	io.micrometer	Highest
Product	pom	name	micrometer-observation	High
Product	pom	url	micrometer-metrics/micrometer	High
Version	file	version	1.13.13	High
Version	Manifest	Bundle-Version	1.13.13	High
Version	Manifest	Implementation-Version	1.13.13	High
Version	pom	version	1.13.13	Highest

Identifiers

pkg:maven/io.micrometer/micrometer-observation@1.13.13 (Confidence:High)

slf4j-api-2.0.17.jar

Description:

The slf4j API

License:

https://opensource.org/license/mit

File Path: /opt/tomcat/.m2/repository/org/slf4j/slf4j-api/2.0.17/slf4j-api-2.0.17.jar
MD5: b6480d114a23683498ac3f746f959d2f
SHA1: d9e58ac9c7779ba3bf8142aff6c830617a7fe60f
SHA256:7b751d952061954d5abfed7181c1f645d336091b679891591d63329c622eb832
Referenced In Project/Scope: Commons Services:compile
pkg:maven/net.andresbustamante/y-a-foot-commons-services@2.0.0-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	slf4j-api	High
Vendor	jar	package name	slf4j	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	http://www.slf4j.org	Low
Vendor	Manifest	bundle-symbolicname	slf4j.api	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	require-capability	osgi.extender;filter:="(&(osgi.extender=osgi.serviceloader.processor)(version>=1.0.0)(!(version>=2.0.0)))",osgi.serviceloader;filter:="(osgi.serviceloader=org.slf4j.spi.SLF4JServiceProvider)";osgi.serviceloader="org.slf4j.spi.SLF4JServiceProvider",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))"	Low
Vendor	pom	artifactid	slf4j-api	Highest
Vendor	pom	artifactid	slf4j-api	Low
Vendor	pom	groupid	org.slf4j	Highest
Vendor	pom	name	SLF4J API Module	High
Vendor	pom	parent-artifactid	slf4j-parent	Low
Vendor	pom	url	http://www.slf4j.org	Highest
Product	file	name	slf4j-api	High
Product	jar	package name	slf4j	Highest
Product	jar	package name	slf4jserviceprovider	Highest
Product	jar	package name	spi	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	http://www.slf4j.org	Low
Product	Manifest	Bundle-Name	SLF4J API Module	Medium
Product	Manifest	bundle-symbolicname	slf4j.api	Medium
Product	Manifest	Implementation-Title	slf4j-api	High
Product	Manifest	multi-release	true	Low
Product	Manifest	require-capability	osgi.extender;filter:="(&(osgi.extender=osgi.serviceloader.processor)(version>=1.0.0)(!(version>=2.0.0)))",osgi.serviceloader;filter:="(osgi.serviceloader=org.slf4j.spi.SLF4JServiceProvider)";osgi.serviceloader="org.slf4j.spi.SLF4JServiceProvider",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))"	Low
Product	pom	artifactid	slf4j-api	Highest
Product	pom	groupid	org.slf4j	Highest
Product	pom	name	SLF4J API Module	High
Product	pom	parent-artifactid	slf4j-parent	Medium
Product	pom	url	http://www.slf4j.org	Medium
Version	file	version	2.0.17	High
Version	Manifest	Bundle-Version	2.0.17	High
Version	Manifest	Implementation-Version	2.0.17	High
Version	pom	version	2.0.17	Highest

Identifiers

pkg:maven/org.slf4j/slf4j-api@2.0.17 (Confidence:High)

spring-core-6.1.19.jar

Description:

Spring Core

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0

File Path: /opt/tomcat/.m2/repository/org/springframework/spring-core/6.1.19/spring-core-6.1.19.jar
MD5: c7b7de19a43581b1f22d87fbfa192cd5
SHA1: 85718bafdeda6c6b4b0782afda2002299c3f918a
SHA256:a46e9b693d6be2cce3bc3f2b6ed144c4a7198dcc5c355ca3c63b383d8e911800
Referenced In Project/Scope: Commons Services:compile
pkg:maven/org.springframework/spring-context@6.1.19

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	spring-core	High
Vendor	hint analyzer	vendor	pivotal software	Highest
Vendor	hint analyzer	vendor	SpringSource	Highest
Vendor	hint analyzer	vendor	vmware	Highest
Vendor	jar	package name	core	Highest
Vendor	jar	package name	io	Highest
Vendor	jar	package name	org	Highest
Vendor	jar	package name	springframework	Highest
Vendor	Manifest	automatic-module-name	spring.core	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	pom	artifactid	spring-core	Highest
Vendor	pom	artifactid	spring-core	Low
Vendor	pom	developer email	juergen.hoeller@broadcom.com	Low
Vendor	pom	developer id	jhoeller	Medium
Vendor	pom	developer name	Juergen Hoeller	Medium
Vendor	pom	groupid	org.springframework	Highest
Vendor	pom	name	Spring Core	High
Vendor	pom	organization name	Spring IO	High
Vendor	pom	organization url	https://spring.io/projects/spring-framework	Medium
Vendor	pom	url	spring-projects/spring-framework	Highest
Product	file	name	spring-core	High
Product	hint analyzer	product	springsource_spring_framework	Highest
Product	jar	package name	core	Highest
Product	jar	package name	io	Highest
Product	jar	package name	org	Highest
Product	jar	package name	springframework	Highest
Product	Manifest	automatic-module-name	spring.core	Medium
Product	Manifest	Implementation-Title	spring-core	High
Product	Manifest	multi-release	true	Low
Product	pom	artifactid	spring-core	Highest
Product	pom	developer email	juergen.hoeller@broadcom.com	Low
Product	pom	developer id	jhoeller	Low
Product	pom	developer name	Juergen Hoeller	Low
Product	pom	groupid	org.springframework	Highest
Product	pom	name	Spring Core	High
Product	pom	organization name	Spring IO	Low
Product	pom	organization url	https://spring.io/projects/spring-framework	Low
Product	pom	url	spring-projects/spring-framework	High
Version	file	version	6.1.19	High
Version	Manifest	Implementation-Version	6.1.19	High
Version	pom	version	6.1.19	Highest

Related Dependencies

spring-aop-6.1.19.jar
- File Path: /opt/tomcat/.m2/repository/org/springframework/spring-aop/6.1.19/spring-aop-6.1.19.jar
- MD5: b38a285dd96a006d15f0ed36534998b0
- SHA1: c18d675301d0e03ecc6253384deafb6ad01824d6
- SHA256: 82bf739839ef60d10562958d7dc087380429845eeeef054315c2efe7b54f2483
- pkg:maven/org.springframework/spring-aop@6.1.19
spring-beans-6.1.19.jar
- File Path: /opt/tomcat/.m2/repository/org/springframework/spring-beans/6.1.19/spring-beans-6.1.19.jar
- MD5: 4713232688bd4edc3df68a898b22bf3b
- SHA1: 5350f570eb1a31a42a4afa31ff1292b0c61e2b25
- SHA256: 84150f8f35ddbf8369a64b657657778486bdae3286557be54b8b3d9f010fad06
- pkg:maven/org.springframework/spring-beans@6.1.19
spring-context-6.1.19.jar
- File Path: /opt/tomcat/.m2/repository/org/springframework/spring-context/6.1.19/spring-context-6.1.19.jar
- MD5: 528d38a917bb7054ed265549428b5b7d
- SHA1: 00929524186bc9c5997e4a1d8f563c7ca4ae60a7
- SHA256: 656af67029d5ba799cfe30b24446645e91c8cf13b5ca726f12c184c5fe78bf74
- pkg:maven/org.springframework/spring-context@6.1.19
spring-context-support-6.1.19.jar
- File Path: /opt/tomcat/.m2/repository/org/springframework/spring-context-support/6.1.19/spring-context-support-6.1.19.jar
- MD5: f9055c68c6edb537609d95e4a555dbee
- SHA1: bc0ef5461669252723df58b73329f618c810f15c
- SHA256: 94a662eda5607c101e1467c9737dc54458082d413073c00fe60098db62efe452
- pkg:maven/org.springframework/spring-context-support@6.1.19
spring-expression-6.1.19.jar
- File Path: /opt/tomcat/.m2/repository/org/springframework/spring-expression/6.1.19/spring-expression-6.1.19.jar
- MD5: b523eafc3c54b1adf2c069230407d289
- SHA1: 8ee244869051ec640e1cdbf94b7138273535d528
- SHA256: b7e3261e447920172dbfa6e9d82f69be084ebed7e156274564b729a0fa2e61ae
- pkg:maven/org.springframework/spring-expression@6.1.19
spring-jcl-6.1.19.jar
- File Path: /opt/tomcat/.m2/repository/org/springframework/spring-jcl/6.1.19/spring-jcl-6.1.19.jar
- MD5: c9398ecd33fd294278d74fb8dad48238
- SHA1: 98241467bb50cedcb94cccd540002349499dc3ac
- SHA256: 076ebc259dd90ee15bf5f971dc97a04d0432a134178bd7c9d6cf5f15b6085291
- pkg:maven/org.springframework/spring-jcl@6.1.19

Identifiers

pkg:maven/org.springframework/spring-core@6.1.19 (Confidence:High)
cpe:2.3:a:pivotal_software:spring_framework:6.1.19:*:*:*:*:*:*:* (Confidence:Highest)
cpe:2.3:a:springsource:spring_framework:6.1.19:*:*:*:*:*:*:* (Confidence:Highest)
cpe:2.3:a:vmware:spring_framework:6.1.19:*:*:*:*:*:*:* (Confidence:Highest)

How to read the report | Suppressing false positives | Getting Help: github issues

Sponsor

Project: Commons Services

net.andresbustamante:y-a-foot-commons-services:2.0.0-SNAPSHOT

Summary

Dependencies

aspectjweaver-1.9.24.jar

Evidence

Identifiers

freemarker-2.3.34.jar

Evidence

Identifiers

logback-core-1.5.18.jar

Evidence

Related Dependencies

Identifiers

micrometer-commons-1.13.13.jar

Evidence

Identifiers

micrometer-observation-1.13.13.jar

Evidence

Identifiers

slf4j-api-2.0.17.jar

Evidence

Identifiers

spring-core-6.1.19.jar

Evidence

Related Dependencies

Identifiers

How to read the report | Suppressing false positives | Getting Help: github issues Sponsor

Project: Commons Services

net.andresbustamante:y-a-foot-commons-services:2.0.0-SNAPSHOT

Summary

Dependencies

aspectjweaver-1.9.24.jar

Evidence

Identifiers

freemarker-2.3.34.jar

Evidence

Identifiers

logback-core-1.5.18.jar

Evidence

Related Dependencies

Identifiers

micrometer-commons-1.13.13.jar

Evidence

Identifiers

micrometer-observation-1.13.13.jar

Evidence

Identifiers

slf4j-api-2.0.17.jar

Evidence

Identifiers

spring-core-6.1.19.jar

Evidence

Related Dependencies

Identifiers

How to read the report | Suppressing false positives | Getting Help: github issues

Sponsor