Press CTR-C to copy XML [help]


Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

 Sponsor

Project: Bedework: database specific modules

org.bedework.database:bw-database:6.1.0-SNAPSHOT

Scan Information (show all):

Summary

Summary of Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
bw-base-2.0.0.jarpkg:maven/org.bedework/bw-base@2.0.0 042
bw-util-config-6.0.0.jarpkg:maven/org.bedework/bw-util-config@6.0.0 044
bw-util-jmx-6.0.0.jarpkg:maven/org.bedework/bw-util-jmx@6.0.0 044
bw-util-logging-6.0.0.jarpkg:maven/org.bedework/bw-util-logging@6.0.0 044
bw-util-misc-6.0.0.jarcpe:2.3:a:utils_project:utils:6.0.0:*:*:*:*:*:*:*pkg:maven/org.bedework/bw-util-misc@6.0.0 0Low44
bw-util-xml-6.0.0.jarpkg:maven/org.bedework/bw-util-xml@6.0.0 044
commons-lang3-3.17.0.jarpkg:maven/org.apache.commons/commons-lang3@3.17.0 0145
commons-pool2-2.9.0.jarpkg:maven/org.apache.commons/commons-pool2@2.9.0 088
commons-text-1.13.0.jarcpe:2.3:a:apache:commons_text:1.13.0:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-text@1.13.0 0Highest73
jackson-annotations-2.18.2.jarcpe:2.3:a:fasterxml:jackson-modules-java8:2.18.2:*:*:*:*:*:*:*pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.18.2 0Low38
jakarta.annotation-api-3.0.0.jarcpe:2.3:a:oracle:projects:3.0.0:*:*:*:*:*:*:*pkg:maven/jakarta.annotation/jakarta.annotation-api@3.0.0 0Low42
jakarta.jms-api-3.1.0.jarpkg:maven/jakarta.jms/jakarta.jms-api@3.1.0 035
jakarta.persistence-api-3.1.0.jarpkg:maven/jakarta.persistence/jakarta.persistence-api@3.1.0 040
jakarta.transaction-api-2.0.1.jarcpe:2.3:a:oracle:projects:2.0.1:*:*:*:*:*:*:*pkg:maven/jakarta.transaction/jakarta.transaction-api@2.0.1 0Low50
openjpa-4.1.1.jar (shaded: org.apache.openjpa:openjpa-kernel:4.1.1)cpe:2.3:a:apache:openjpa:4.1.1:*:*:*:*:*:*:*pkg:maven/org.apache.openjpa/openjpa-kernel@4.1.1 0Highest9
openjpa-4.1.1.jarcpe:2.3:a:apache:openjpa:4.1.1:*:*:*:*:*:*:*pkg:maven/org.apache.openjpa/openjpa@4.1.1 0Highest36
org.bedework.database:bw-db:6.1.0-SNAPSHOTpkg:maven/org.bedework.database/bw-db@6.1.0-SNAPSHOT 06
org.bedework.database:bw-jpa:6.1.0-SNAPSHOTpkg:maven/org.bedework.database/bw-jpa@6.1.0-SNAPSHOT 06
xbean-asm9-shaded-4.20.jarpkg:maven/org.apache.xbean/xbean-asm9-shaded@4.20 028

Dependencies (vulnerable)

bw-base-2.0.0.jar

Description:

This project provides base classes, types and methods

License:

Apache License Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /home/runner/.m2/repository/org/bedework/bw-base/2.0.0/bw-base-2.0.0.jar
MD5: 0480624145ad4fc5daeba898b7132099
SHA1: b24b7279e0475bb3c8c84e37af400ad87877c955
SHA256:10d27642e3bf1f2f4f85320293b5041b7e34cba02cc2656f29e79f75cee97cc5
Referenced In Projects/Scopes:
  • Bedework: database orm independent modules:compile
  • Bedework: database hibernate modules:compile
  • Bedework: openjpa utility:compile
  • Bedework: jpa utility:compile

bw-base-2.0.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.bedework.database/bw-db@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-db@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-hibernate@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-db@6.1.0-SNAPSHOT

Identifiers

bw-util-config-6.0.0.jar

Description:

This project provides a number of utility configuration classes and methods

License:

Apache License Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /home/runner/.m2/repository/org/bedework/bw-util-config/6.0.0/bw-util-config-6.0.0.jar
MD5: 974d4ee4953df439fc3753869cc469da
SHA1: c1f787f23f0c5028280a457d0709418ea332fe09
SHA256:97ee0ce50094f85f881d63fb423dfb7ae1973843ac6028f0488860394553aa60
Referenced In Projects/Scopes:
  • Bedework: database hibernate modules:compile
  • Bedework: openjpa utility:compile
  • Bedework: jpa utility:compile

bw-util-config-6.0.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.bedework.database/bw-jpa@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-openjpa@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-hibernate@6.1.0-SNAPSHOT

Identifiers

bw-util-jmx-6.0.0.jar

Description:

This project provides a number of utility configuration classes and methods

License:

Apache License Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /home/runner/.m2/repository/org/bedework/bw-util-jmx/6.0.0/bw-util-jmx-6.0.0.jar
MD5: e7ffae94c51d5c62aa657c7f321607b5
SHA1: cbfbb6e89fa5adac492adcc48866cfec62cc932d
SHA256:60b3d4ce24901fc1ab0b741be3413efaffb263f99f368062618478c67e7fd3b9
Referenced In Projects/Scopes:
  • Bedework: database hibernate modules:compile
  • Bedework: openjpa utility:compile

bw-util-jmx-6.0.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.bedework.database/bw-hibernate@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-openjpa@6.1.0-SNAPSHOT

Identifiers

bw-util-logging-6.0.0.jar

Description:

This project provides logging utility classes and methods

License:

Apache License Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /home/runner/.m2/repository/org/bedework/bw-util-logging/6.0.0/bw-util-logging-6.0.0.jar
MD5: 2c63b9031e2d0852a00e57753320b409
SHA1: a12c15e6670f1298c8c4779d08b24595e921aceb
SHA256:e26bbaf5a5dcad998990fdc647f448b2e2dcac6eb628be6945fe24d53759b745
Referenced In Projects/Scopes:
  • Bedework: database orm independent modules:compile
  • Bedework: database hibernate modules:compile
  • Bedework: openjpa utility:compile
  • Bedework: jpa utility:compile

bw-util-logging-6.0.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.bedework.database/bw-hibernate@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-openjpa@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-db@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-jpa@6.1.0-SNAPSHOT

Identifiers

bw-util-misc-6.0.0.jar

Description:

This project provides a number of utility classes and methods

License:

Apache License Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /home/runner/.m2/repository/org/bedework/bw-util-misc/6.0.0/bw-util-misc-6.0.0.jar
MD5: a54be794abde392b2c1f7fb2935ad372
SHA1: ca14c1131c38ac51caa478cb4ea5df738fc6f106
SHA256:a2243c42722fcaa848e6f0fca44634c0c5685e57bb0c2a2d2f394bf9543bd5ae
Referenced In Projects/Scopes:
  • Bedework: database orm independent modules:compile
  • Bedework: database hibernate modules:compile
  • Bedework: openjpa utility:compile
  • Bedework: jpa utility:compile

bw-util-misc-6.0.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.bedework.database/bw-hibernate@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-jpa@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework/bw-util-xml@6.0.0
  • pkg:maven/org.bedework.database/bw-openjpa@6.1.0-SNAPSHOT

Identifiers

bw-util-xml-6.0.0.jar

Description:

This project provides a number of utility classes and methods

License:

Apache License Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /home/runner/.m2/repository/org/bedework/bw-util-xml/6.0.0/bw-util-xml-6.0.0.jar
MD5: 9511e1c44083306be4587dcacaea03a0
SHA1: a5486ab6b6da48523d7fc224662a3ddbbb26b090
SHA256:cd96fdeb127ccdf57f7ce99c63b27933b407b7b64cc4f723b79342c47908658a
Referenced In Projects/Scopes:
  • Bedework: database orm independent modules:compile
  • Bedework: database hibernate modules:compile
  • Bedework: openjpa utility:compile
  • Bedework: jpa utility:compile

bw-util-xml-6.0.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.bedework.database/bw-hibernate@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-db@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-openjpa@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-db@6.1.0-SNAPSHOT

Identifiers

commons-lang3-3.17.0.jar

Description:

  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.

  The code is tested using the latest revision of the JDK for supported
  LTS releases: 8, 11, 17 and 21 currently.
  See https://github.com/apache/commons-lang/blob/master/.github/workflows/maven.yml
  
  Please ensure your build environment is up-to-date and kindly report any build issues.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/commons/commons-lang3/3.17.0/commons-lang3-3.17.0.jar
MD5: 7730df72b7fdff4a3a32d89a314f826a
SHA1: b17d2136f0460dcc0d2016ceefca8723bdf4ee70
SHA256:6ee731df5c8e5a2976a1ca023b6bb320ea8d3539fbe64c8a1d5cb765127c33b4
Referenced In Projects/Scopes:
  • Bedework: database orm independent modules:compile
  • Bedework: database hibernate modules:compile
  • Bedework: openjpa utility:compile
  • Bedework: jpa utility:compile

commons-lang3-3.17.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.bedework/bw-util-misc@6.0.0
  • pkg:maven/org.bedework/bw-util-xml@6.0.0
  • pkg:maven/org.bedework/bw-util-misc@6.0.0
  • pkg:maven/org.bedework/bw-util-misc@6.0.0

Identifiers

commons-pool2-2.9.0.jar

Description:

The Apache Commons Object Pooling Library.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/commons/commons-pool2/2.9.0/commons-pool2-2.9.0.jar
MD5: 1f14cc5528953687f915bddf4fe150ec
SHA1: 58e9e8bbd29cf3e7861cb80c0a615770baffe840
SHA256:bc919b426bfafb31ecc45d6652a9f137462465d849fb3873d78d90c3f8d35b01
Referenced In Project/Scope: Bedework: openjpa utility:compile
commons-pool2-2.9.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.openjpa/openjpa@4.1.1

Identifiers

commons-text-1.13.0.jar

Description:

Apache Commons Text is a set of utility functions and reusable components for the purpose of processing
    and manipulating text that should be of use in a Java environment.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/commons/commons-text/1.13.0/commons-text-1.13.0.jar
MD5: 4b4766452c04316e3ef6ffe3490d6b10
SHA1: ba2ed5521c491cabf7ecdb57f77922561c2e8958
SHA256:1e323a501127df78ed0987f345d69d65d0ea7fa3d4fb5b3f84aaeba3a8b20f38
Referenced In Projects/Scopes:
  • Bedework: database orm independent modules:compile
  • Bedework: database hibernate modules:compile
  • Bedework: openjpa utility:compile
  • Bedework: jpa utility:compile

commons-text-1.13.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.bedework/bw-util-misc@6.0.0
  • pkg:maven/org.bedework/bw-util-xml@6.0.0
  • pkg:maven/org.bedework/bw-util-misc@6.0.0
  • pkg:maven/org.bedework/bw-util-misc@6.0.0

Identifiers

jackson-annotations-2.18.2.jar

Description:

Core annotations used for value types, used by Jackson data binding package.

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-annotations/2.18.2/jackson-annotations-2.18.2.jar
MD5: 79d38d3c51068a2bbc40268d02f80763
SHA1: 985d77751ebc7fce5db115a986bc9aa82f973f4a
SHA256:581bd61000ef7648943f781ca05689e56d03f6052748365a8e2b3a9b5d3fa32f
Referenced In Projects/Scopes:
  • Bedework: database orm independent modules:compile
  • Bedework: database hibernate modules:compile
  • Bedework: openjpa utility:compile
  • Bedework: jpa utility:compile

jackson-annotations-2.18.2.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.bedework/bw-util-logging@6.0.0
  • pkg:maven/org.bedework/bw-util-logging@6.0.0
  • pkg:maven/org.bedework/bw-util-logging@6.0.0
  • pkg:maven/org.bedework/bw-util-logging@6.0.0

Identifiers

jakarta.annotation-api-3.0.0.jar

Description:

Jakarta Annotations API

License:

EPL 2.0: https://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html
File Path: /home/runner/.m2/repository/jakarta/annotation/jakarta.annotation-api/3.0.0/jakarta.annotation-api-3.0.0.jar
MD5: 7faffaab962918da4cf5ddfd76609dd2
SHA1: 54f928fadec906a99d558536756d171917b9d936
SHA256:b01f55552284cfb149411e64eabca75e942d26d2e1786b32914250e4330afaa2
Referenced In Project/Scope: Bedework: openjpa utility:compile
jakarta.annotation-api-3.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.openjpa/openjpa@4.1.1

Identifiers

jakarta.jms-api-3.1.0.jar

Description:

        Jakarta Messaging describes a means for Java applications to create, send, 
        and receive messages via loosely coupled, reliable asynchronous communication services.

License:

Eclipse Public License 2.0: https://projects.eclipse.org/license/epl-2.0
GNU General Public License, version 2 with the GNU Classpath Exception: https://projects.eclipse.org/license/secondary-gpl-2.0-cp
File Path: /home/runner/.m2/repository/jakarta/jms/jakarta.jms-api/3.1.0/jakarta.jms-api-3.1.0.jar
MD5: 68b9809056047472375bf10441b2a26f
SHA1: e194cf91a3f908e4846542849ac11a8e0b3c68ad
SHA256:6605e08075ab389c359451c7854808cf4b1575e1ea6317e534e9d4df088096df
Referenced In Project/Scope: Bedework: openjpa utility:compile
jakarta.jms-api-3.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.openjpa/openjpa@4.1.1

Identifiers

jakarta.persistence-api-3.1.0.jar

Description:

Jakarta Persistence 3.1 API jar

License:

Eclipse Public License v. 2.0: http://www.eclipse.org/legal/epl-2.0
Eclipse Distribution License v. 1.0: http://www.eclipse.org/org/documents/edl-v10.php
File Path: /home/runner/.m2/repository/jakarta/persistence/jakarta.persistence-api/3.1.0/jakarta.persistence-api-3.1.0.jar
MD5: 35a1b7dfb38cf44ff795be607b0e6b5b
SHA1: 66901fa1c373c6aff65c13791cc11da72060a8d6
SHA256:475389446d35c6f46c565728b756dc508c284644ea2690644e0d8e7e339d42fd
Referenced In Projects/Scopes:
  • Bedework: database orm independent modules:compile
  • Bedework: database hibernate modules:compile
  • Bedework: openjpa utility:compile
  • Bedework: jpa utility:compile

jakarta.persistence-api-3.1.0.jar is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.bedework.database/bw-db@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-db@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-db@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-db@6.1.0-SNAPSHOT

Identifiers

jakarta.transaction-api-2.0.1.jar

Description:

Jakarta Transactions

License:

EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html
File Path: /home/runner/.m2/repository/jakarta/transaction/jakarta.transaction-api/2.0.1/jakarta.transaction-api-2.0.1.jar
MD5: 5315974a3935e342b40849478e1c9966
SHA1: 51a520e3fae406abb84e2e1148e6746ce3f80a1a
SHA256:50c0a7c760c13ae6c042acf182b28f0047413db95b4636fb8879bcffab5ba875
Referenced In Project/Scope: Bedework: openjpa utility:compile
jakarta.transaction-api-2.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.openjpa/openjpa@4.1.1

Identifiers

openjpa-4.1.1.jar (shaded: org.apache.openjpa:openjpa-kernel:4.1.1)

Description:

OpenJPA Kernel

File Path: /home/runner/.m2/repository/org/apache/openjpa/openjpa/4.1.1/openjpa-4.1.1.jar/META-INF/maven/org.apache.openjpa/openjpa-kernel/pom.xml
MD5: f2a4f67cd10646806f86393a00d77445
SHA1: 3330e7f86f34e9df130322312a1e9cbf3af91c59
SHA256:5fe9360ba0c918f3662d3db51693bf950082afaf32ff6ec99f3d402b51a88414
Referenced In Project/Scope: Bedework: openjpa utility:compile

Identifiers

openjpa-4.1.1.jar

Description:

Apache OpenJPA implementation of Jakarta JPA 3.1

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/openjpa/openjpa/4.1.1/openjpa-4.1.1.jar
MD5: 156d456ada7011b67c82adbaa094a68d
SHA1: 29a4cc3a375a6eb11caa1c27babf7f28c45aa3e2
SHA256:d72e339d46a43cdcc80bbb332174f0d6ef4a3c03fede7b2fb3d64dd9027b21ea
Referenced In Project/Scope: Bedework: openjpa utility:compile
openjpa-4.1.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.bedework.database/bw-openjpa@6.1.0-SNAPSHOT

Identifiers

org.bedework.database:bw-db:6.1.0-SNAPSHOT

Description:

This project provides a number of database utility classes and methods

License:

Apache License Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /home/runner/work/bw-database/bw-database/bw-db/pom.xml

Referenced In Projects/Scopes:
  • Bedework: database hibernate modules
  • Bedework: jpa utility
  • Bedework: openjpa utility

org.bedework.database:bw-db:6.1.0-SNAPSHOT is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.bedework.database/bw-openjpa@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-jpa@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-hibernate@6.1.0-SNAPSHOT

Identifiers

org.bedework.database:bw-jpa:6.1.0-SNAPSHOT

Description:

jpa utility classes

License:

Apache License Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /home/runner/work/bw-database/bw-database/bw-jpa/pom.xml

Referenced In Projects/Scopes:
  • Bedework: database hibernate modules
  • Bedework: openjpa utility

org.bedework.database:bw-jpa:6.1.0-SNAPSHOT is in the transitive dependency tree of the listed items.Included by:
  • pkg:maven/org.bedework.database/bw-hibernate@6.1.0-SNAPSHOT
  • pkg:maven/org.bedework.database/bw-openjpa@6.1.0-SNAPSHOT

Identifiers

xbean-asm9-shaded-4.20.jar

Description:

Repackaged and shaded asm jars

License:

http://asm.ow2.org/license.html
http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/xbean/xbean-asm9-shaded/4.20/xbean-asm9-shaded-4.20.jar
MD5: e5e46dfa7753743138e247e5796647a5
SHA1: 17f4dc86c438d1f4775eda3cf656f0040ea451e7
SHA256:2af1dd4d9e801aa65f960a1dc43376bcd408da4e244600aa6da18bcf8b904190
Referenced In Project/Scope: Bedework: openjpa utility:compile
xbean-asm9-shaded-4.20.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.openjpa/openjpa@4.1.1

Identifiers



This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the CISA Known Exploited Vulnerability Catalog.
This report may contain data retrieved from the Github Advisory Database (via NPM Audit API).
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.