Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 8.0.1Report Generated On : Sat, 3 May 2025 18:00:34 GMTDependencies Scanned : 28 (19 unique)Vulnerable Dependencies : 1 Vulnerabilities Found : 2Vulnerabilities Suppressed : 0... CurrentEngineRelease : 12.1.0NVD CVE Checked : 2025-05-03T17:09:51NVD CVE Modified : 2025-05-03T16:00:01VersionCheckOn : 2025-05-01T21:09:43kev.checked : 1746292219Summary Display:
Showing Vulnerable Dependencies (click to show all) Dependencies Description:
Core annotations used for value types, used by Jackson data binding package.
License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /opt/tomcat/.m2/repository/com/fasterxml/jackson/core/jackson-annotations/2.17.3/jackson-annotations-2.17.3.jar
MD5: cb80e34a9fa3c0b27560e1562dfdff43
SHA1: 4f30a05d2eee0ab700cdc27aa5967e934d3042b2
SHA256: 2747f60343783a6ec8a68405c7c839fa0bbe30ee4e2459d21a1ac3b7365e1ed5
Referenced In Project/Scope: Commons Web:compile
jackson-annotations-2.17.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/net.andresbustamante/y-a-foot-commons-web@2.0.0-SNAPSHOT
Evidence Type Source Name Value Confidence Vendor file name jackson-annotations High Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-annotations Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-annotations Highest Vendor pom artifactid jackson-annotations Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name Jackson-annotations High Vendor pom parent-artifactid jackson-parent Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson Highest Product file name jackson-annotations High Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson Low Product Manifest Bundle-Name Jackson-annotations Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-annotations Medium Product Manifest Implementation-Title Jackson-annotations High Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Product Manifest specification-title Jackson-annotations Medium Product pom artifactid jackson-annotations Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name Jackson-annotations High Product pom parent-artifactid jackson-parent Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson High Version file version 2.17.3 High Version Manifest Bundle-Version 2.17.3 High Version Manifest Implementation-Version 2.17.3 High Version pom parent-version 2.17.3 Low Version pom version 2.17.3 Highest
Related Dependencies jackson-datatype-jsr310-2.17.3.jarFile Path: /opt/tomcat/.m2/repository/com/fasterxml/jackson/datatype/jackson-datatype-jsr310/2.17.3/jackson-datatype-jsr310-2.17.3.jar MD5: 9b733e7f3fa1f7a8fba27de5fb09aec3 SHA1: a25fe2f5607fea9e00ed00cf81b7aa2eaacbbd6e SHA256: b1e3e4be52f69ecf6442d8a07e96ddd200bacb1867cb47460ade87710552a9ee pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.17.3 Description:
Core Jackson processing abstractions (aka Streaming API), implementation for JSON License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /opt/tomcat/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.17.3/jackson-core-2.17.3.jar
MD5: b38c1cd06ec2b87bd23494962c44da69
SHA1: 1d6eb3e959c737692b720d3492b2f1f34c4c8579
SHA256: 19e03ee71f00a86255fa3c980560b231e1305486f6482c905601209014f5870c
Referenced In Project/Scope: Commons Web:compile
jackson-core-2.17.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.17.3
Evidence Type Source Name Value Confidence Vendor file name jackson-core High Vendor jar package name base Highest Vendor jar package name com Highest Vendor jar package name core Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor jar package name json Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest multi-release true Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-core Highest Vendor pom artifactid jackson-core Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name Jackson-core High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson-core Highest Product file name jackson-core High Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name base Highest Product jar package name com Highest Product jar package name core Highest Product jar package name fasterxml Highest Product jar package name filter Highest Product jar package name jackson Highest Product jar package name json Highest Product jar package name version Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Product Manifest Bundle-Name Jackson-core Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Product Manifest Implementation-Title Jackson-core High Product Manifest multi-release true Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest specification-title Jackson-core Medium Product pom artifactid jackson-core Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name Jackson-core High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson-core High Version file version 2.17.3 High Version Manifest Bundle-Version 2.17.3 High Version Manifest Implementation-Version 2.17.3 High Version pom version 2.17.3 Highest
CVE-2022-45688 suppress
A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data. CWE-787 Out-of-bounds Write
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2023-5072 suppress
Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions:
Description:
General data-binding functionality for Jackson: works on core streaming API License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /opt/tomcat/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.17.3/jackson-databind-2.17.3.jar
MD5: 820811143157937e800b899a4feeb261
SHA1: 42c617beb411ee813bdc39a287424bfb19d99185
SHA256: 93b13e709a0b620de42019180a75bc1fc4885c81fe5b6087a4aa248f91fb9a95
Referenced In Project/Scope: Commons Web:compile
jackson-databind-2.17.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/net.andresbustamante/y-a-foot-commons-web@2.0.0-SNAPSHOT
Evidence Type Source Name Value Confidence Vendor file name jackson-databind High Vendor jar package name databind Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest multi-release true Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-databind Highest Vendor pom artifactid jackson-databind Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name jackson-databind High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson Highest Product file name jackson-databind High Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name databind Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson Low Product Manifest Bundle-Name jackson-databind Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Product Manifest Implementation-Title jackson-databind High Product Manifest multi-release true Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest specification-title jackson-databind Medium Product pom artifactid jackson-databind Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name jackson-databind High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson High Version file version 2.17.3 High Version Manifest Bundle-Version 2.17.3 High Version Manifest Implementation-Version 2.17.3 High Version pom version 2.17.3 Highest
Description:
Jakarta Servlet 6.0 License:
EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html File Path: /opt/tomcat/.m2/repository/jakarta/servlet/jakarta.servlet-api/6.0.0/jakarta.servlet-api-6.0.0.jar
MD5: 4bcb3175ed9b7aa3f038d082879ec2a8
SHA1: abecc699286e65035ebba9844c03931357a6a963
SHA256: c034eb1afb158987dbb53a5fea0cadf611c8dae8daadd59c44d9d5ab70129cef
Referenced In Project/Scope: Commons Web:provided
jakarta.servlet-api-6.0.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/net.andresbustamante/y-a-foot-commons-web@2.0.0-SNAPSHOT
Evidence Type Source Name Value Confidence Vendor file name jakarta.servlet-api High Vendor jar package name jakarta Highest Vendor jar package name servlet Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname jakarta.servlet-api Medium Vendor Manifest extension-name jakarta.servlet Medium Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id org.eclipse Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=11))" Low Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid jakarta.servlet-api Highest Vendor pom artifactid jakarta.servlet-api Low Vendor pom developer id yaminikb Medium Vendor pom developer name Yamini K B Medium Vendor pom developer org Oracle Corporation Medium Vendor pom developer org URL http://www.oracle.com/ Medium Vendor pom groupid jakarta.servlet Highest Vendor pom name Jakarta Servlet High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor pom url https://projects.eclipse.org/projects/ee4j.servlet Highest Product file name jakarta.servlet-api High Product jar package name filter Highest Product jar package name jakarta Highest Product jar package name servlet Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Jakarta Servlet Medium Product Manifest bundle-symbolicname jakarta.servlet-api Medium Product Manifest extension-name jakarta.servlet Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=11))" Low Product pom artifactid jakarta.servlet-api Highest Product pom developer id yaminikb Low Product pom developer name Yamini K B Low Product pom developer org Oracle Corporation Low Product pom developer org URL http://www.oracle.com/ Low Product pom groupid jakarta.servlet Highest Product pom name Jakarta Servlet High Product pom parent-artifactid project Medium Product pom parent-groupid org.eclipse.ee4j Medium Product pom url https://projects.eclipse.org/projects/ee4j.servlet Medium Version file version 6.0.0 High Version Manifest Bundle-Version 6.0.0 High Version Manifest Implementation-Version 6.0.0 High Version pom parent-version 6.0.0 Low Version pom version 6.0.0 Highest
Description:
Jakarta Bean Validation API
License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /opt/tomcat/.m2/repository/jakarta/validation/jakarta.validation-api/3.0.2/jakarta.validation-api-3.0.2.jar
MD5: 3a1ee6efca3e41e3320599790f54c5eb
SHA1: 92b6631659ba35ca09e44874d3eb936edfeee532
SHA256: 291c25e6910cc6a7ebd96d4c6baebf6d7c37676c5482c2d96146e901b62c1fc9
Referenced In Project/Scope: Commons Web:compile
jakarta.validation-api-3.0.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/net.andresbustamante/y-a-foot-commons-web@2.0.0-SNAPSHOT
Evidence Type Source Name Value Confidence Vendor file name jakarta.validation-api High Vendor jar package name jakarta Highest Vendor jar package name validation Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname jakarta.validation.jakarta.validation-api Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom artifactid jakarta.validation-api Highest Vendor pom artifactid jakarta.validation-api Low Vendor pom developer email emmanuel@hibernate.org Low Vendor pom developer email guillaume.smet@hibernate.org Low Vendor pom developer email gunnar@hibernate.org Low Vendor pom developer email hferents@redhat.com Low Vendor pom developer id emmanuelbernard Medium Vendor pom developer id epbernard Medium Vendor pom developer id guillaume.smet Medium Vendor pom developer id gunnar.morling Medium Vendor pom developer id hardy.ferentschik Medium Vendor pom developer name Emmanuel Bernard Medium Vendor pom developer name Guillaume Smet Medium Vendor pom developer name Gunnar Morling Medium Vendor pom developer name Hardy Ferentschik Medium Vendor pom developer org Red Hat, Inc. Medium Vendor pom groupid jakarta.validation Highest Vendor pom name Jakarta Bean Validation API High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor pom url https://beanvalidation.org Highest Product file name jakarta.validation-api High Product jar package name jakarta Highest Product jar package name validation Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Jakarta Bean Validation API Medium Product Manifest bundle-symbolicname jakarta.validation.jakarta.validation-api Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom artifactid jakarta.validation-api Highest Product pom developer email emmanuel@hibernate.org Low Product pom developer email guillaume.smet@hibernate.org Low Product pom developer email gunnar@hibernate.org Low Product pom developer email hferents@redhat.com Low Product pom developer id emmanuelbernard Low Product pom developer id epbernard Low Product pom developer id guillaume.smet Low Product pom developer id gunnar.morling Low Product pom developer id hardy.ferentschik Low Product pom developer name Emmanuel Bernard Low Product pom developer name Guillaume Smet Low Product pom developer name Gunnar Morling Low Product pom developer name Hardy Ferentschik Low Product pom developer org Red Hat, Inc. Low Product pom groupid jakarta.validation Highest Product pom name Jakarta Bean Validation API High Product pom parent-artifactid project Medium Product pom parent-groupid org.eclipse.ee4j Medium Product pom url https://beanvalidation.org Medium Version file version 3.0.2 High Version Manifest Bundle-Version 3.0.2 High Version pom parent-version 3.0.2 Low Version pom version 3.0.2 Highest
Description:
A clean room implementation of the JCIP Annotations based entirely on the specification provided by the javadocs.
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /opt/tomcat/.m2/repository/com/github/stephenc/jcip/jcip-annotations/1.0-1/jcip-annotations-1.0-1.jar
MD5: d62dbfa8789378457ada685e2f614846
SHA1: ef31541dd28ae2cefdd17c7ebf352d93e9058c63
SHA256: 4fccff8382aafc589962c4edb262f6aa595e34f1e11e61057d1c6a96e8fc7323
Referenced In Project/Scope: Commons Web:compile
jcip-annotations-1.0-1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.security/spring-security-oauth2-jose@6.3.9
Evidence Type Source Name Value Confidence Vendor file name jcip-annotations High Vendor jar package name annotations Highest Vendor jar package name annotations Low Vendor jar package name jcip Highest Vendor jar package name jcip Low Vendor jar package name net Low Vendor pom artifactid jcip-annotations Highest Vendor pom artifactid jcip-annotations Low Vendor pom developer id stephenc Medium Vendor pom developer name Stephen Connolly Medium Vendor pom groupid com.github.stephenc.jcip Highest Vendor pom name JCIP Annotations under Apache License High Vendor pom url http://stephenc.github.com/jcip-annotations Highest Product file name jcip-annotations High Product jar package name annotations Highest Product jar package name annotations Low Product jar package name jcip Highest Product jar package name jcip Low Product pom artifactid jcip-annotations Highest Product pom developer id stephenc Low Product pom developer name Stephen Connolly Low Product pom groupid com.github.stephenc.jcip Highest Product pom name JCIP Annotations under Apache License High Product pom url http://stephenc.github.com/jcip-annotations Medium Version pom version 1.0-1 Highest
Description:
Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more! License:
The MIT License: https://projectlombok.org/LICENSE File Path: /opt/tomcat/.m2/repository/org/projectlombok/lombok/1.18.38/lombok-1.18.38.jar
MD5: 789cacd8d3969e9d23e6e6baec747f70
SHA1: 57f8f5e02e92a30fd21b80cbd426a4172b5f8e29
SHA256: 1e1e427c36ff63c44fd30ef292d9e773ea3154460ab6265d3fed7e6f5bc50fb9
Referenced In Project/Scope: Commons Web:provided
lombok-1.18.38.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/net.andresbustamante/y-a-foot-commons-web@2.0.0-SNAPSHOT
Evidence Type Source Name Value Confidence Vendor file name lombok High Vendor jar package name java Highest Vendor jar package name lombok Highest Vendor jar package name tostring Highest Vendor Manifest automatic-module-name lombok Medium Vendor Manifest can-redefine-classes true Low Vendor pom artifactid lombok Highest Vendor pom artifactid lombok Low Vendor pom developer email reinier@projectlombok.org Low Vendor pom developer email roel@projectlombok.org Low Vendor pom developer id rspilker Medium Vendor pom developer id rzwitserloot Medium Vendor pom developer name Reinier Zwitserloot Medium Vendor pom developer name Roel Spilker Medium Vendor pom groupid org.projectlombok Highest Vendor pom name Project Lombok High Vendor pom url https://projectlombok.org Highest Product file name lombok High Product jar package name java Highest Product jar package name lombok Highest Product jar package name tostring Highest Product Manifest automatic-module-name lombok Medium Product Manifest can-redefine-classes true Low Product pom artifactid lombok Highest Product pom developer email reinier@projectlombok.org Low Product pom developer email roel@projectlombok.org Low Product pom developer id rspilker Low Product pom developer id rzwitserloot Low Product pom developer name Reinier Zwitserloot Low Product pom developer name Roel Spilker Low Product pom groupid org.projectlombok Highest Product pom name Project Lombok High Product pom url https://projectlombok.org Medium Version file version 1.18.38 High Version Manifest lombok-version 1.18.38 Medium Version pom version 1.18.38 Highest
File Path: /opt/tomcat/.m2/repository/org/projectlombok/lombok/1.18.38/lombok-1.18.38.jar/lombok/launch/mavenEcjBootstrapAgent.jarMD5: 885d5d6be90a5dcd4b82cdf741e3f31aSHA1: e1f7f1779f40157fd0b984c1bc32a0cb45cae66eSHA256: 74a80a6ee84e5c6fe497dfcc46a46dbe30578525e747eb531e918ee0750c8da9Referenced In Project/Scope: Commons Web:provided
Evidence Type Source Name Value Confidence Vendor file name mavenEcjBootstrapAgent High Vendor jar package name launch Low Vendor jar package name lombok Low Vendor Manifest can-redefine-classes true Low Product file name mavenEcjBootstrapAgent High Product jar package name launch Low Product Manifest can-redefine-classes true Low
Description:
An annotation processor for generating type-safe bean mappers License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /opt/tomcat/.m2/repository/org/mapstruct/mapstruct/1.5.5.Final/mapstruct-1.5.5.Final.jar
MD5: 9f2f737ffa2496ca5c40dcc323068803
SHA1: 2ca3cbe39b6e9ea8d5ea521965a89bef2a1e8eeb
SHA256: 6391e07982855dd804d825b63a55ab9251003716547216e5f581123c841328d5
Referenced In Project/Scope: Commons Web:compile
mapstruct-1.5.5.Final.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/net.andresbustamante/y-a-foot-commons-web@2.0.0-SNAPSHOT
Evidence Type Source Name Value Confidence Vendor file name mapstruct High Vendor jar package name mappers Highest Vendor jar package name mapstruct Highest Vendor Manifest automatic-module-name org.mapstruct Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-symbolicname org.mapstruct Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom artifactid mapstruct Highest Vendor pom artifactid mapstruct Low Vendor pom developer email gunnar@mapstruct.org Low Vendor pom developer id filiphr Medium Vendor pom developer id gunnarmorling Medium Vendor pom developer name Filip Hrisafov Medium Vendor pom developer name Gunnar Morling Medium Vendor pom groupid org.mapstruct Highest Vendor pom name MapStruct Core High Vendor pom parent-artifactid mapstruct-parent Low Vendor pom url https://mapstruct.org/mapstruct/ Highest Product file name mapstruct High Product jar package name mappers Highest Product jar package name mapstruct Highest Product Manifest automatic-module-name org.mapstruct Medium Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name MapStruct Core Medium Product Manifest bundle-symbolicname org.mapstruct Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom artifactid mapstruct Highest Product pom developer email gunnar@mapstruct.org Low Product pom developer id filiphr Low Product pom developer id gunnarmorling Low Product pom developer name Filip Hrisafov Low Product pom developer name Gunnar Morling Low Product pom groupid org.mapstruct Highest Product pom name MapStruct Core High Product pom parent-artifactid mapstruct-parent Medium Product pom url https://mapstruct.org/mapstruct/ Medium Version Manifest Bundle-Version 1.5.5.Final High Version pom version 1.5.5.Final Highest
Description:
Module containing common code License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /opt/tomcat/.m2/repository/io/micrometer/micrometer-commons/1.13.13/micrometer-commons-1.13.13.jar
MD5: 3a91c7465b7ee9c005e26c3481a636b2
SHA1: 9fa147a70b0fbc237bd0ce9ec2a2fa9b33bc7bd7
SHA256: 8613395fb4914819610d0b24ccf7345b30ee40e7bc08699cfcfb746bb2cb881d
Referenced In Project/Scope: Commons Web:compile
micrometer-commons-1.13.13.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework/spring-context@6.1.19
Evidence Type Source Name Value Confidence Vendor file name micrometer-commons High Vendor jar package name common Highest Vendor jar package name io Highest Vendor jar package name micrometer Highest Vendor Manifest automatic-module-name micrometer.commons Medium Vendor Manifest branch HEAD Low Vendor Manifest build-date 2025-04-14_02:10:16 Low Vendor Manifest build-date-utc 2025-04-14T02:10:16.599617231Z Low Vendor Manifest build-host 090f736fee1d Low Vendor Manifest build-job deploy Low Vendor Manifest build-number 46030 Low Vendor Manifest build-timezone Etc/UTC Low Vendor Manifest build-url https://circleci.com/gh/micrometer-metrics/micrometer/46030 Low Vendor Manifest built-os Linux Low Vendor Manifest built-status release Low Vendor Manifest bundle-symbolicname micrometer-commons Medium Vendor Manifest change fa523b1 Low Vendor Manifest full-change fa523b1549ef38f44966c27ac921592196f09d3f Low Vendor Manifest module-email tludwig@vmware.com Low Vendor Manifest module-origin micrometer-metrics/micrometer.git Low Vendor Manifest module-owner tludwig@vmware.com Low Vendor Manifest module-source /micrometer-commons Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom artifactid micrometer-commons Highest Vendor pom artifactid micrometer-commons Low Vendor pom developer email tludwig@vmware.com Low Vendor pom developer id shakuzen Medium Vendor pom developer name Tommy Ludwig Medium Vendor pom groupid io.micrometer Highest Vendor pom name micrometer-commons High Vendor pom url micrometer-metrics/micrometer Highest Product file name micrometer-commons High Product jar package name common Highest Product jar package name io Highest Product jar package name micrometer Highest Product Manifest automatic-module-name micrometer.commons Medium Product Manifest branch HEAD Low Product Manifest build-date 2025-04-14_02:10:16 Low Product Manifest build-date-utc 2025-04-14T02:10:16.599617231Z Low Product Manifest build-host 090f736fee1d Low Product Manifest build-job deploy Low Product Manifest build-number 46030 Low Product Manifest build-timezone Etc/UTC Low Product Manifest build-url https://circleci.com/gh/micrometer-metrics/micrometer/46030 Low Product Manifest built-os Linux Low Product Manifest built-status release Low Product Manifest Bundle-Name micrometer-commons Medium Product Manifest bundle-symbolicname micrometer-commons Medium Product Manifest change fa523b1 Low Product Manifest full-change fa523b1549ef38f44966c27ac921592196f09d3f Low Product Manifest Implementation-Title io.micrometer#micrometer-commons;1.13.13 High Product Manifest module-email tludwig@vmware.com Low Product Manifest module-origin micrometer-metrics/micrometer.git Low Product Manifest module-owner tludwig@vmware.com Low Product Manifest module-source /micrometer-commons Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom artifactid micrometer-commons Highest Product pom developer email tludwig@vmware.com Low Product pom developer id shakuzen Low Product pom developer name Tommy Ludwig Low Product pom groupid io.micrometer Highest Product pom name micrometer-commons High Product pom url micrometer-metrics/micrometer High Version file version 1.13.13 High Version Manifest Bundle-Version 1.13.13 High Version Manifest Implementation-Version 1.13.13 High Version pom version 1.13.13 Highest
Description:
Module containing Observation related code License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /opt/tomcat/.m2/repository/io/micrometer/micrometer-observation/1.13.13/micrometer-observation-1.13.13.jar
MD5: 5511e8e9460c294024a0789dbb015948
SHA1: 8f5dcc8e44120ac65f53cf79581ca8894c560c5b
SHA256: 35b40b485eb0514ff57fa15cbcd3c0cc850a1c72421cb7090e97e8e191167b99
Referenced In Project/Scope: Commons Web:compile
micrometer-observation-1.13.13.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework/spring-context@6.1.19
Evidence Type Source Name Value Confidence Vendor file name micrometer-observation High Vendor jar package name io Highest Vendor jar package name micrometer Highest Vendor jar package name observation Highest Vendor Manifest automatic-module-name micrometer.observation Medium Vendor Manifest branch HEAD Low Vendor Manifest build-date 2025-04-14_02:10:16 Low Vendor Manifest build-date-utc 2025-04-14T02:10:16.921236628Z Low Vendor Manifest build-host 090f736fee1d Low Vendor Manifest build-job deploy Low Vendor Manifest build-number 46030 Low Vendor Manifest build-timezone Etc/UTC Low Vendor Manifest build-url https://circleci.com/gh/micrometer-metrics/micrometer/46030 Low Vendor Manifest built-os Linux Low Vendor Manifest built-status release Low Vendor Manifest bundle-symbolicname micrometer-observation Medium Vendor Manifest change fa523b1 Low Vendor Manifest full-change fa523b1549ef38f44966c27ac921592196f09d3f Low Vendor Manifest module-email tludwig@vmware.com Low Vendor Manifest module-origin micrometer-metrics/micrometer.git Low Vendor Manifest module-owner tludwig@vmware.com Low Vendor Manifest module-source /micrometer-observation Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom artifactid micrometer-observation Highest Vendor pom artifactid micrometer-observation Low Vendor pom developer email tludwig@vmware.com Low Vendor pom developer id shakuzen Medium Vendor pom developer name Tommy Ludwig Medium Vendor pom groupid io.micrometer Highest Vendor pom name micrometer-observation High Vendor pom url micrometer-metrics/micrometer Highest Product file name micrometer-observation High Product jar package name io Highest Product jar package name micrometer Highest Product jar package name observation Highest Product Manifest automatic-module-name micrometer.observation Medium Product Manifest branch HEAD Low Product Manifest build-date 2025-04-14_02:10:16 Low Product Manifest build-date-utc 2025-04-14T02:10:16.921236628Z Low Product Manifest build-host 090f736fee1d Low Product Manifest build-job deploy Low Product Manifest build-number 46030 Low Product Manifest build-timezone Etc/UTC Low Product Manifest build-url https://circleci.com/gh/micrometer-metrics/micrometer/46030 Low Product Manifest built-os Linux Low Product Manifest built-status release Low Product Manifest Bundle-Name micrometer-observation Medium Product Manifest bundle-symbolicname micrometer-observation Medium Product Manifest change fa523b1 Low Product Manifest full-change fa523b1549ef38f44966c27ac921592196f09d3f Low Product Manifest Implementation-Title io.micrometer#micrometer-observation;1.13.13 High Product Manifest module-email tludwig@vmware.com Low Product Manifest module-origin micrometer-metrics/micrometer.git Low Product Manifest module-owner tludwig@vmware.com Low Product Manifest module-source /micrometer-observation Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom artifactid micrometer-observation Highest Product pom developer email tludwig@vmware.com Low Product pom developer id shakuzen Low Product pom developer name Tommy Ludwig Low Product pom groupid io.micrometer Highest Product pom name micrometer-observation High Product pom url micrometer-metrics/micrometer High Version file version 1.13.13 High Version Manifest Bundle-Version 1.13.13 High Version Manifest Implementation-Version 1.13.13 High Version pom version 1.13.13 Highest
Description:
Shared API classes and interfaces File Path: /opt/tomcat/.jenkins/workspace/y-a-foot_y-a-foot_build_develop/y-a-foot-commons-api/pom.xmlReferenced In Project/Scope: Commons Webnet.andresbustamante:y-a-foot-commons-api:2.0.0-SNAPSHOT is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name pom High Vendor project artifactid y-a-foot-commons-api Low Vendor project groupid net.andresbustamante Highest Product file name pom High Product project artifactid y-a-foot-commons-api Highest Product project groupid net.andresbustamante Low
License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /opt/tomcat/.m2/repository/com/nimbusds/nimbus-jose-jwt/9.37.3/nimbus-jose-jwt-9.37.3.jar/META-INF/maven/com.google.code.gson/gson/pom.xml
MD5: c13f373086992bab8989b514941891a6
SHA1: ce159faf33c1e665e1f3a785a5d678a2b20151bc
SHA256: d2b115634f5c085db4b9c9ffc2658e89e231fdbfbe2242121a1cd95d4d948dd7
Referenced In Project/Scope: Commons Web:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid gson Low Vendor pom groupid com.google.code.gson Highest Vendor pom name Gson High Vendor pom parent-artifactid gson-parent Low Product pom artifactid gson Highest Product pom groupid com.google.code.gson Highest Product pom name Gson High Product pom parent-artifactid gson-parent Medium Version pom version 2.10.1 Highest
Description:
Java library for Javascript Object Signing and Encryption (JOSE) and
JSON Web Tokens (JWT)
License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /opt/tomcat/.m2/repository/com/nimbusds/nimbus-jose-jwt/9.37.3/nimbus-jose-jwt-9.37.3.jar
MD5: a2ecba11e197522b7f963cbcf0b59715
SHA1: 700f71ffefd60c16bd8ce711a956967ea9071cec
SHA256: 12ae4a3a260095d7aeba2adea7ae396e8b9570db8b7b409e09a824c219cc0444
Referenced In Project/Scope: Commons Web:compile
nimbus-jose-jwt-9.37.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.security/spring-security-oauth2-jose@6.3.9
Evidence Type Source Name Value Confidence Vendor file name nimbus-jose-jwt High Vendor jar package name jose Highest Vendor jar package name jwt Highest Vendor jar package name nimbusds Highest Vendor Manifest automatic-module-name com.nimbusds.jose.jwt Medium Vendor Manifest build-date ${timestamp} Low Vendor Manifest build-number ${buildNumber} Low Vendor Manifest build-tag 9.37.3 Low Vendor Manifest bundle-docurl https://connect2id.com Low Vendor Manifest bundle-symbolicname com.nimbusds.nimbus-jose-jwt Medium Vendor Manifest implementation-url https://bitbucket.org/connect2id/nimbus-jose-jwt Low Vendor Manifest Implementation-Vendor Connect2id Ltd. High Vendor Manifest Implementation-Vendor-Id com.nimbusds Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Vendor Manifest specification-vendor Connect2id Ltd. Low Vendor pom artifactid nimbus-jose-jwt Highest Vendor pom artifactid nimbus-jose-jwt Low Vendor pom developer email vladimir@dzhuvinov.com Low Vendor pom developer id vdzhuvinov Medium Vendor pom developer name Vladimir Dzhuvinov Medium Vendor pom groupid com.nimbusds Highest Vendor pom name Nimbus JOSE+JWT High Vendor pom organization name Connect2id Ltd. High Vendor pom organization url https://connect2id.com Medium Vendor pom url https://bitbucket.org/connect2id/nimbus-jose-jwt Highest Product file name nimbus-jose-jwt High Product jar package name jose Highest Product jar package name jwt Highest Product jar package name nimbusds Highest Product Manifest automatic-module-name com.nimbusds.jose.jwt Medium Product Manifest build-date ${timestamp} Low Product Manifest build-number ${buildNumber} Low Product Manifest build-tag 9.37.3 Low Product Manifest bundle-docurl https://connect2id.com Low Product Manifest Bundle-Name Nimbus JOSE+JWT Medium Product Manifest bundle-symbolicname com.nimbusds.nimbus-jose-jwt Medium Product Manifest Implementation-Title Nimbus JOSE+JWT High Product Manifest implementation-url https://bitbucket.org/connect2id/nimbus-jose-jwt Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product Manifest specification-title Nimbus JOSE+JWT Medium Product pom artifactid nimbus-jose-jwt Highest Product pom developer email vladimir@dzhuvinov.com Low Product pom developer id vdzhuvinov Low Product pom developer name Vladimir Dzhuvinov Low Product pom groupid com.nimbusds Highest Product pom name Nimbus JOSE+JWT High Product pom organization name Connect2id Ltd. Low Product pom organization url https://connect2id.com Low Product pom url https://bitbucket.org/connect2id/nimbus-jose-jwt Medium Version file version 9.37.3 High Version Manifest build-tag 9.37.3 Low Version Manifest Bundle-Version 9.37.3 High Version Manifest Implementation-Version 9.37.3 High Version pom version 9.37.3 Highest
Description:
Spring Core License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /opt/tomcat/.m2/repository/org/springframework/spring-core/6.1.19/spring-core-6.1.19.jar
MD5: c7b7de19a43581b1f22d87fbfa192cd5
SHA1: 85718bafdeda6c6b4b0782afda2002299c3f918a
SHA256: a46e9b693d6be2cce3bc3f2b6ed144c4a7198dcc5c355ca3c63b383d8e911800
Referenced In Project/Scope: Commons Web:compile
spring-core-6.1.19.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework/spring-context@6.1.19
Evidence Type Source Name Value Confidence Vendor file name spring-core High Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name core Highest Vendor jar package name io Highest Vendor jar package name org Highest Vendor jar package name springframework Highest Vendor Manifest automatic-module-name spring.core Medium Vendor Manifest multi-release true Low Vendor pom artifactid spring-core Highest Vendor pom artifactid spring-core Low Vendor pom developer email juergen.hoeller@broadcom.com Low Vendor pom developer id jhoeller Medium Vendor pom developer name Juergen Hoeller Medium Vendor pom groupid org.springframework Highest Vendor pom name Spring Core High Vendor pom organization name Spring IO High Vendor pom organization url https://spring.io/projects/spring-framework Medium Vendor pom url spring-projects/spring-framework Highest Product file name spring-core High Product hint analyzer product springsource_spring_framework Highest Product jar package name core Highest Product jar package name io Highest Product jar package name org Highest Product jar package name springframework Highest Product Manifest automatic-module-name spring.core Medium Product Manifest Implementation-Title spring-core High Product Manifest multi-release true Low Product pom artifactid spring-core Highest Product pom developer email juergen.hoeller@broadcom.com Low Product pom developer id jhoeller Low Product pom developer name Juergen Hoeller Low Product pom groupid org.springframework Highest Product pom name Spring Core High Product pom organization name Spring IO Low Product pom organization url https://spring.io/projects/spring-framework Low Product pom url spring-projects/spring-framework High Version file version 6.1.19 High Version Manifest Implementation-Version 6.1.19 High Version pom version 6.1.19 Highest
Related Dependencies spring-aop-6.1.19.jarFile Path: /opt/tomcat/.m2/repository/org/springframework/spring-aop/6.1.19/spring-aop-6.1.19.jar MD5: b38a285dd96a006d15f0ed36534998b0 SHA1: c18d675301d0e03ecc6253384deafb6ad01824d6 SHA256: 82bf739839ef60d10562958d7dc087380429845eeeef054315c2efe7b54f2483 pkg:maven/org.springframework/spring-aop@6.1.19 spring-beans-6.1.19.jarFile Path: /opt/tomcat/.m2/repository/org/springframework/spring-beans/6.1.19/spring-beans-6.1.19.jar MD5: 4713232688bd4edc3df68a898b22bf3b SHA1: 5350f570eb1a31a42a4afa31ff1292b0c61e2b25 SHA256: 84150f8f35ddbf8369a64b657657778486bdae3286557be54b8b3d9f010fad06 pkg:maven/org.springframework/spring-beans@6.1.19 spring-context-6.1.19.jarFile Path: /opt/tomcat/.m2/repository/org/springframework/spring-context/6.1.19/spring-context-6.1.19.jar MD5: 528d38a917bb7054ed265549428b5b7d SHA1: 00929524186bc9c5997e4a1d8f563c7ca4ae60a7 SHA256: 656af67029d5ba799cfe30b24446645e91c8cf13b5ca726f12c184c5fe78bf74 pkg:maven/org.springframework/spring-context@6.1.19 spring-expression-6.1.19.jarFile Path: /opt/tomcat/.m2/repository/org/springframework/spring-expression/6.1.19/spring-expression-6.1.19.jar MD5: b523eafc3c54b1adf2c069230407d289 SHA1: 8ee244869051ec640e1cdbf94b7138273535d528 SHA256: b7e3261e447920172dbfa6e9d82f69be084ebed7e156274564b729a0fa2e61ae pkg:maven/org.springframework/spring-expression@6.1.19 spring-jcl-6.1.19.jarFile Path: /opt/tomcat/.m2/repository/org/springframework/spring-jcl/6.1.19/spring-jcl-6.1.19.jar MD5: c9398ecd33fd294278d74fb8dad48238 SHA1: 98241467bb50cedcb94cccd540002349499dc3ac SHA256: 076ebc259dd90ee15bf5f971dc97a04d0432a134178bd7c9d6cf5f15b6085291 pkg:maven/org.springframework/spring-jcl@6.1.19 Description:
Spring Security License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /opt/tomcat/.m2/repository/org/springframework/security/spring-security-core/6.3.9/spring-security-core-6.3.9.jar
MD5: 119f8471a5db75c043d52e8539b735c6
SHA1: 70dd35fe2c70fe78c3f431647b2fc492f0912120
SHA256: c3b06c4c7e4cc437363785b94d5ac57af5a08ff54046bfecf4c387220660be06
Referenced In Project/Scope: Commons Web:compile
spring-security-core-6.3.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/net.andresbustamante/y-a-foot-commons-web@2.0.0-SNAPSHOT
Evidence Type Source Name Value Confidence Vendor file name spring-security-core High Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name core Highest Vendor jar package name security Highest Vendor jar package name springframework Highest Vendor Manifest automatic-module-name spring.security.core Medium Vendor pom artifactid spring-security-core Highest Vendor pom artifactid spring-security-core Low Vendor pom developer email info@pivotal.io Low Vendor pom developer name Pivotal Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.security Highest Vendor pom name spring-security-core High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://spring.io Medium Vendor pom url https://spring.io/projects/spring-security Highest Product file name spring-security-core High Product jar package name core Highest Product jar package name security Highest Product jar package name springframework Highest Product Manifest automatic-module-name spring.security.core Medium Product Manifest Implementation-Title spring-security-core High Product pom artifactid spring-security-core Highest Product pom developer email info@pivotal.io Low Product pom developer name Pivotal Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.security Highest Product pom name spring-security-core High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://spring.io Low Product pom url https://spring.io/projects/spring-security Medium Version file version 6.3.9 High Version Manifest Implementation-Version 6.3.9 High Version pom version 6.3.9 Highest
Related Dependencies spring-security-crypto-6.3.9.jarFile Path: /opt/tomcat/.m2/repository/org/springframework/security/spring-security-crypto/6.3.9/spring-security-crypto-6.3.9.jar MD5: ae914be1d97e2fce0e2384411d3e668c SHA1: 5bccf0319e5167a58fa64caba898959cbe3110fe SHA256: 73487877b5a8254800e659a42c0311fe5c26fe9cb780d8ff9d4bca04fd10c1e8 pkg:maven/org.springframework.security/spring-security-crypto@6.3.9 Description:
Spring Security License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /opt/tomcat/.m2/repository/org/springframework/security/spring-security-oauth2-resource-server/6.3.9/spring-security-oauth2-resource-server-6.3.9.jar
MD5: 2354be71eebe2c9ad68266579cd2b7e0
SHA1: 517b1e3c296869335a3abf6f775ceeba8184d3a8
SHA256: 41037e11206a5e9453e9890c859ca5fed82d1cf79f2ece61d9fd23296390c123
Referenced In Project/Scope: Commons Web:compile
spring-security-oauth2-resource-server-6.3.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/net.andresbustamante/y-a-foot-commons-web@2.0.0-SNAPSHOT
Evidence Type Source Name Value Confidence Vendor file name spring-security-oauth2-resource-server High Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name oauth2 Highest Vendor jar package name security Highest Vendor jar package name server Highest Vendor jar package name springframework Highest Vendor Manifest automatic-module-name spring.security.oauth2.resource.server Medium Vendor pom artifactid spring-security-oauth2-resource-server Highest Vendor pom artifactid spring-security-oauth2-resource-server Low Vendor pom developer email info@pivotal.io Low Vendor pom developer name Pivotal Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.security Highest Vendor pom name spring-security-oauth2-resource-server High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://spring.io Medium Vendor pom url https://spring.io/projects/spring-security Highest Product file name spring-security-oauth2-resource-server High Product jar package name oauth2 Highest Product jar package name security Highest Product jar package name server Highest Product jar package name springframework Highest Product Manifest automatic-module-name spring.security.oauth2.resource.server Medium Product Manifest Implementation-Title spring-security-oauth2-resource-server High Product pom artifactid spring-security-oauth2-resource-server Highest Product pom developer email info@pivotal.io Low Product pom developer name Pivotal Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.security Highest Product pom name spring-security-oauth2-resource-server High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://spring.io Low Product pom url https://spring.io/projects/spring-security Medium Version file version 6.3.9 High Version Manifest Implementation-Version 6.3.9 High Version pom version 6.3.9 Highest
Related Dependencies spring-security-oauth2-core-6.3.9.jarFile Path: /opt/tomcat/.m2/repository/org/springframework/security/spring-security-oauth2-core/6.3.9/spring-security-oauth2-core-6.3.9.jar MD5: e7759eb095c973f30ec0cb02afa3edb3 SHA1: af55f3b1bfa70ea6ab0d49cec043b31f40477cff SHA256: 01ea819beeea787b7811b219044a4267bf68752661b3d5342714ff2fab01b4a2 pkg:maven/org.springframework.security/spring-security-oauth2-core@6.3.9 spring-security-oauth2-jose-6.3.9.jarFile Path: /opt/tomcat/.m2/repository/org/springframework/security/spring-security-oauth2-jose/6.3.9/spring-security-oauth2-jose-6.3.9.jar MD5: a64633d24cd9bd69180ad417a4b8c64e SHA1: bbcd94afc2880f97bcc71d5bb88882450eb1eb28 SHA256: c907f67c092fda877a6293201b46f8a324fcb3ed0e1c27de7035622e12f99303 pkg:maven/org.springframework.security/spring-security-oauth2-jose@6.3.9 Description:
Spring Security License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /opt/tomcat/.m2/repository/org/springframework/security/spring-security-web/6.3.9/spring-security-web-6.3.9.jar
MD5: d2ffe936d52fc7c438007c14e59641a6
SHA1: 172d00cd128561a0acd2ca81fe7ee508ba489ada
SHA256: 0d452463f5a860da963873842e72dbb96c0198513d19d186cd15fadb111344ab
Referenced In Project/Scope: Commons Web:compile
spring-security-web-6.3.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.security/spring-security-oauth2-resource-server@6.3.9
Evidence Type Source Name Value Confidence Vendor file name spring-security-web High Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name security Highest Vendor jar package name springframework Highest Vendor jar package name web Highest Vendor Manifest automatic-module-name spring.security.web Medium Vendor pom artifactid spring-security-web Highest Vendor pom artifactid spring-security-web Low Vendor pom developer email info@pivotal.io Low Vendor pom developer name Pivotal Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.security Highest Vendor pom name spring-security-web High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://spring.io Medium Vendor pom url https://spring.io/projects/spring-security Highest Product file name spring-security-web High Product jar package name security Highest Product jar package name springframework Highest Product jar package name web Highest Product Manifest automatic-module-name spring.security.web Medium Product Manifest Implementation-Title spring-security-web High Product pom artifactid spring-security-web Highest Product pom developer email info@pivotal.io Low Product pom developer name Pivotal Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.security Highest Product pom name spring-security-web High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://spring.io Low Product pom url https://spring.io/projects/spring-security Medium Version file version 6.3.9 High Version Manifest Implementation-Version 6.3.9 High Version pom version 6.3.9 Highest
Description:
Spring Web License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /opt/tomcat/.m2/repository/org/springframework/spring-web/6.1.19/spring-web-6.1.19.jar
MD5: 0dc2be1ade9148172e2c76546eaa6418
SHA1: 86ee75c9042bff1c1e59e35ad15a8f9385b45f0f
SHA256: 163d2155b9ac25eb56b26fd5bf667192c4290992bc0444f90033a81f5f6e887e
Referenced In Project/Scope: Commons Web:compile
spring-web-6.1.19.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/net.andresbustamante/y-a-foot-commons-web@2.0.0-SNAPSHOT
Evidence Type Source Name Value Confidence Vendor file name spring-web High Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name springframework Highest Vendor jar package name web Highest Vendor Manifest automatic-module-name spring.web Medium Vendor pom artifactid spring-web Highest Vendor pom artifactid spring-web Low Vendor pom developer email juergen.hoeller@broadcom.com Low Vendor pom developer id jhoeller Medium Vendor pom developer name Juergen Hoeller Medium Vendor pom groupid org.springframework Highest Vendor pom name Spring Web High Vendor pom organization name Spring IO High Vendor pom organization url https://spring.io/projects/spring-framework Medium Vendor pom url spring-projects/spring-framework Highest Product file name spring-web High Product hint analyzer product springsource_spring_framework Highest Product jar package name springframework Highest Product jar package name web Highest Product Manifest automatic-module-name spring.web Medium Product Manifest Implementation-Title spring-web High Product pom artifactid spring-web Highest Product pom developer email juergen.hoeller@broadcom.com Low Product pom developer id jhoeller Low Product pom developer name Juergen Hoeller Low Product pom groupid org.springframework Highest Product pom name Spring Web High Product pom organization name Spring IO Low Product pom organization url https://spring.io/projects/spring-framework Low Product pom url spring-projects/spring-framework High Version file version 6.1.19 High Version Manifest Implementation-Version 6.1.19 High Version pom version 6.1.19 Highest