Dependency-Check Report

Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

Scan Information (show all):

dependency-check version: 1.2.11
Report Generated On: May 6, 2019 at 23:19:06 UTC
Dependencies Scanned: 2
Vulnerable Dependencies: 0
Vulnerabilities Found: 0
Vulnerabilities Suppressed: 0
...
NVD CVE 2002: 02/05/2019 09:15:31
NVD CVE 2003: 04/05/2019 08:45:56
NVD CVE 2004: 01/05/2019 09:15:33
NVD CVE 2005: 02/05/2019 09:15:32
NVD CVE 2006: 04/05/2019 08:45:56
NVD CVE 2007: 04/05/2019 08:45:56
NVD CVE 2008: 04/05/2019 08:45:57
NVD CVE 2009: 04/05/2019 08:45:57
NVD CVE 2010: 04/05/2019 08:45:57
NVD CVE 2011: 04/05/2019 08:45:57
NVD CVE 2012: 04/05/2019 08:15:38
NVD CVE 2013: 04/05/2019 08:15:39
NVD CVE 2014: 04/05/2019 08:15:39
NVD CVE 2015: 04/05/2019 08:15:39
NVD CVE 2016: 04/05/2019 08:15:39
NVD CVE 2017: 06/05/2019 07:45:39
NVD CVE 2018: 06/05/2019 07:45:39
NVD CVE 2019: 06/05/2019 07:15:28
NVD CVE Modified: 06/05/2019 20:15:30

Display: Showing Vulnerable Dependencies (click to show all)

Dependency	CPE	GAV	Highest Severity	CVE Count	CPE Confidence	Evidence Count
jsr305-3.0.0.jar		com.google.code.findbugs:jsr305:3.0.0		0		8
asm-5.0.4.jar		org.ow2.asm:asm:5.0.4		0		16

Dependencies

jsr305-3.0.0.jar

Description: JSR305 Annotations for Findbugs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /root/.m2/repository/com/google/code/findbugs/jsr305/3.0.0/jsr305-3.0.0.jar
MD5: 195d5db8981fbec5fa18d5df9fad95ed
SHA1: 5871fb60dc68d67da54a663c3fd636a10a532948
Referenced In Project: Java API Sniffer Library

Evidence

Source	Name	Value
file	name	jsr305-3.0.0
jar	package name	annotation
jar	package name	javax
pom	artifactid	jsr305
pom	description	JSR305 Annotations for Findbugs
pom	groupid	com.google.code.findbugs
pom	groupid	google.code.findbugs
pom	name	FindBugs-jsr305

Identifiers

maven: com.google.code.findbugs:jsr305:3.0.0 Confidence:HIGH

asm-5.0.4.jar

File Path: /root/.m2/repository/org/ow2/asm/asm/5.0.4/asm-5.0.4.jar
MD5: c8a73cdfdf802ab0220c860d590d0f84
SHA1: 0da08b8cce7bbf903602a25a3a163ae252435795
Referenced In Project: Java API Sniffer Library

Evidence

Source	Name	Value
file	name	asm-5.0.4
jar	package name	asm
jar	package name	objectweb
Manifest	bundle-docurl	http://asm.objectweb.org
Manifest	Bundle-Name	ASM
Manifest	bundle-requiredexecutionenvironment	J2SE-1.3
Manifest	bundle-symbolicname	org.objectweb.asm
Manifest	Bundle-Vendor	France Telecom R&D
Manifest	Implementation-Title	ASM
Manifest	Implementation-Vendor	France Telecom R&D
pom	artifactid	asm
pom	groupid	org.ow2.asm
pom	groupid	ow2.asm
pom	name	ASM Core
pom	parent-artifactid	asm-parent
pom	parent-groupid	org.ow2.asm

Identifiers

maven: org.ow2.asm:asm:5.0.4 Confidence:HIGH

Project: Java API Sniffer Library

Dependencies

jsr305-3.0.0.jar

Evidence

Identifiers

asm-5.0.4.jar

Evidence

Identifiers