Dependency-Check Report

Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

Scan Information (show all):

dependency-check version: 12.1.3
Report Generated On: Mon, 3 Nov 2025 03:11:19 GMT
Dependencies Scanned: 9 (8 unique)
Vulnerable Dependencies: 0
Vulnerabilities Found: 0
Vulnerabilities Suppressed: 0
...
NVD API Last Checked: 2025-11-03T03:11:07Z
NVD API Last Modified: 2025-11-03T02:15:42Z

Summary

Summary of Vulnerable Dependencies (click to show all)

Dependency	Vulnerability IDs	Package	Confidence	Evidence Count
bw-base-2.0.0.jar		pkg:maven/org.bedework/bw-base@2.0.0		42
bw-json-2.0.0.jar		pkg:maven/org.bedework/bw-json@2.0.0		42
bw-util-logging-6.0.0.jar		pkg:maven/org.bedework/bw-util-logging@6.0.0		44
bw-util-misc-6.0.1.jar	cpe:2.3:a:utils_project:utils:6.0.1:::::::*	pkg:maven/org.bedework/bw-util-misc@6.0.1	Low	44
commons-lang3-3.18.0.jar	cpe:2.3:a:apache:commons_lang:3.18.0:::::::*	pkg:maven/org.apache.commons/commons-lang3@3.18.0	Highest	145
commons-text-1.14.0.jar	cpe:2.3:a:apache:commons_text:1.14.0:::::::*	pkg:maven/org.apache.commons/commons-text@1.14.0	Highest	73
jackson-core-2.18.2.jar	cpe:2.3:a:fasterxml:jackson-modules-java8:2.18.2:::::::*	pkg:maven/com.fasterxml.jackson.core/jackson-core@2.18.2	Low	47
jackson-databind-2.18.2.jar	cpe:2.3:a:fasterxml:jackson-databind:2.18.2:::::::* cpe:2.3:a:fasterxml:jackson-modules-java8:2.18.2:::::::*	pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.18.2	Highest	41

Dependencies (vulnerable)

bw-base-2.0.0.jar

Description:

This project provides base classes, types and methods

License:

Apache License Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html

File Path: /home/runner/.m2/repository/org/bedework/bw-base/2.0.0/bw-base-2.0.0.jar
MD5: 0480624145ad4fc5daeba898b7132099
SHA1: b24b7279e0475bb3c8c84e37af400ad87877c955
SHA256:10d27642e3bf1f2f4f85320293b5041b7e34cba02cc2656f29e79f75cee97cc5
Referenced In Project/Scope: Bedework schemaorgforj: create and parse schema.org objects.:compile
pkg:maven/org.bedework/bw-util-misc@6.0.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	bw-base	High
Vendor	jar	package name	base	Highest
Vendor	jar	package name	bedework	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	implementation-url	https://github.com/Bedework/bw-base	Low
Vendor	Manifest	Implementation-Vendor	Bedework	High
Vendor	Manifest	os-arch	x86_64	Low
Vendor	Manifest	os-name	Mac OS X	Medium
Vendor	Manifest	specification-vendor	Bedework	Low
Vendor	pom	artifactid	bw-base	Highest
Vendor	pom	artifactid	bw-base	Low
Vendor	pom	developer name	Arlen Johnson	Medium
Vendor	pom	developer name	Mike Douglass	Medium
Vendor	pom	developer org	Bedework Commercial Services	Medium
Vendor	pom	developer org	Spherical Cow Group	Medium
Vendor	pom	developer org URL	http://sphericalcowgroup.com/	Medium
Vendor	pom	developer org URL	https://bedework.com/	Medium
Vendor	pom	groupid	org.bedework	Highest
Vendor	pom	name	Bedework: base classes	High
Vendor	pom	url	Bedework/bw-base	Highest
Product	file	name	bw-base	High
Product	jar	package name	base	Highest
Product	jar	package name	bedework	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	Implementation-Title	Bedework: base classes	High
Product	Manifest	implementation-url	https://github.com/Bedework/bw-base	Low
Product	Manifest	os-arch	x86_64	Low
Product	Manifest	os-name	Mac OS X	Medium
Product	Manifest	specification-title	Bedework: base classes	Medium
Product	pom	artifactid	bw-base	Highest
Product	pom	developer name	Arlen Johnson	Low
Product	pom	developer name	Mike Douglass	Low
Product	pom	developer org	Bedework Commercial Services	Low
Product	pom	developer org	Spherical Cow Group	Low
Product	pom	developer org URL	http://sphericalcowgroup.com/	Low
Product	pom	developer org URL	https://bedework.com/	Low
Product	pom	groupid	org.bedework	Highest
Product	pom	name	Bedework: base classes	High
Product	pom	url	Bedework/bw-base	High
Version	file	version	2.0.0	High
Version	Manifest	Implementation-Version	2.0.0	High
Version	pom	version	2.0.0	Highest

Identifiers

pkg:maven/org.bedework/bw-base@2.0.0 (Confidence:High)

bw-json-2.0.0.jar

Description:

Basic support for json objects and types

License:

Apache License Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html

File Path: /home/runner/.m2/repository/org/bedework/bw-json/2.0.0/bw-json-2.0.0.jar
MD5: a97a252aed908b9bc390244809a92c29
SHA1: 78247848e3932c0525eca7b7e741298733b80a39
SHA256:9a008086675735d888bb7d7422c9763c2f9ea16c53b7436062a90aaf0d72a090
Referenced In Project/Scope: Bedework schemaorgforj: create and parse schema.org objects.:compile
pkg:maven/org.bedework/bw-schemaorgforj@2.1.0-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	bw-json	High
Vendor	jar	package name	bedework	Highest
Vendor	jar	package name	json	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	implementation-url	https://github.com/Bedework/bw-json	Low
Vendor	Manifest	Implementation-Vendor	Bedework	High
Vendor	Manifest	os-arch	x86_64	Low
Vendor	Manifest	os-name	Mac OS X	Medium
Vendor	Manifest	specification-vendor	Bedework	Low
Vendor	pom	artifactid	bw-json	Highest
Vendor	pom	artifactid	bw-json	Low
Vendor	pom	developer name	Arlen Johnson	Medium
Vendor	pom	developer name	Mike Douglass	Medium
Vendor	pom	developer org	Bedework Commercial Services	Medium
Vendor	pom	developer org	Spherical Cow Group	Medium
Vendor	pom	developer org URL	http://sphericalcowgroup.com/	Medium
Vendor	pom	developer org URL	https://bedework.com/	Medium
Vendor	pom	groupid	org.bedework	Highest
Vendor	pom	name	Bedework json: Basic support for json objects and types	High
Vendor	pom	url	Bedework/bw-json	Highest
Product	file	name	bw-json	High
Product	jar	package name	bedework	Highest
Product	jar	package name	json	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	Implementation-Title	Bedework json: Basic support for json objects and types	High
Product	Manifest	implementation-url	https://github.com/Bedework/bw-json	Low
Product	Manifest	os-arch	x86_64	Low
Product	Manifest	os-name	Mac OS X	Medium
Product	Manifest	specification-title	Bedework json: Basic support for json objects and types	Medium
Product	pom	artifactid	bw-json	Highest
Product	pom	developer name	Arlen Johnson	Low
Product	pom	developer name	Mike Douglass	Low
Product	pom	developer org	Bedework Commercial Services	Low
Product	pom	developer org	Spherical Cow Group	Low
Product	pom	developer org URL	http://sphericalcowgroup.com/	Low
Product	pom	developer org URL	https://bedework.com/	Low
Product	pom	groupid	org.bedework	Highest
Product	pom	name	Bedework json: Basic support for json objects and types	High
Product	pom	url	Bedework/bw-json	High
Version	file	version	2.0.0	High
Version	Manifest	Implementation-Version	2.0.0	High
Version	pom	version	2.0.0	Highest

Identifiers

pkg:maven/org.bedework/bw-json@2.0.0 (Confidence:High)

bw-util-logging-6.0.0.jar

Description:

This project provides logging utility classes and methods

License:

Apache License Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html

File Path: /home/runner/.m2/repository/org/bedework/bw-util-logging/6.0.0/bw-util-logging-6.0.0.jar
MD5: 2c63b9031e2d0852a00e57753320b409
SHA1: a12c15e6670f1298c8c4779d08b24595e921aceb
SHA256:e26bbaf5a5dcad998990fdc647f448b2e2dcac6eb628be6945fe24d53759b745
Referenced In Project/Scope: Bedework schemaorgforj: create and parse schema.org objects.:compile
pkg:maven/org.bedework/bw-schemaorgforj@2.1.0-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	bw-util-logging	High
Vendor	jar	package name	bedework	Highest
Vendor	jar	package name	logging	Highest
Vendor	jar	package name	util	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	implementation-url	https://github.com/Bedework/bw-util-logging	Low
Vendor	Manifest	Implementation-Vendor	Bedework	High
Vendor	Manifest	os-arch	x86_64	Low
Vendor	Manifest	os-name	Mac OS X	Medium
Vendor	Manifest	specification-vendor	Bedework	Low
Vendor	pom	artifactid	bw-util-logging	Highest
Vendor	pom	artifactid	bw-util-logging	Low
Vendor	pom	developer name	Arlen Johnson	Medium
Vendor	pom	developer name	Mike Douglass	Medium
Vendor	pom	developer org	Bedework Commercial Services	Medium
Vendor	pom	developer org	Spherical Cow Group	Medium
Vendor	pom	developer org URL	http://sphericalcowgroup.com/	Medium
Vendor	pom	developer org URL	https://bedework.com/	Medium
Vendor	pom	groupid	org.bedework	Highest
Vendor	pom	name	Bedework: logging classes	High
Vendor	pom	url	Bedework/bw-util-logging	Highest
Product	file	name	bw-util-logging	High
Product	jar	package name	bedework	Highest
Product	jar	package name	logging	Highest
Product	jar	package name	util	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	Implementation-Title	Bedework: logging classes	High
Product	Manifest	implementation-url	https://github.com/Bedework/bw-util-logging	Low
Product	Manifest	os-arch	x86_64	Low
Product	Manifest	os-name	Mac OS X	Medium
Product	Manifest	specification-title	Bedework: logging classes	Medium
Product	pom	artifactid	bw-util-logging	Highest
Product	pom	developer name	Arlen Johnson	Low
Product	pom	developer name	Mike Douglass	Low
Product	pom	developer org	Bedework Commercial Services	Low
Product	pom	developer org	Spherical Cow Group	Low
Product	pom	developer org URL	http://sphericalcowgroup.com/	Low
Product	pom	developer org URL	https://bedework.com/	Low
Product	pom	groupid	org.bedework	Highest
Product	pom	name	Bedework: logging classes	High
Product	pom	url	Bedework/bw-util-logging	High
Version	file	version	6.0.0	High
Version	Manifest	Implementation-Version	6.0.0	High
Version	pom	version	6.0.0	Highest

Identifiers

pkg:maven/org.bedework/bw-util-logging@6.0.0 (Confidence:High)

bw-util-misc-6.0.1.jar

Description:

This project provides a number of utility classes and methods

License:

Apache License Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html

File Path: /home/runner/.m2/repository/org/bedework/bw-util-misc/6.0.1/bw-util-misc-6.0.1.jar
MD5: 9dc0272f11c9a1803a160354fe2e5872
SHA1: 905462b918aab23efb8940c4270f3c087870c784
SHA256:7662745dcbbeddcb3f15e2db9ffd5cfa9fe1c55a015b378f99cde1de5dcfe0e4
Referenced In Project/Scope: Bedework schemaorgforj: create and parse schema.org objects.:compile
pkg:maven/org.bedework/bw-schemaorgforj@2.1.0-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	bw-util-misc	High
Vendor	jar	package name	bedework	Highest
Vendor	jar	package name	misc	Highest
Vendor	jar	package name	util	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	implementation-url	https://github.com/Bedework/bw-util/bw-util-misc	Low
Vendor	Manifest	Implementation-Vendor	Bedework	High
Vendor	Manifest	os-arch	x86_64	Low
Vendor	Manifest	os-name	Mac OS X	Medium
Vendor	Manifest	specification-vendor	Bedework	Low
Vendor	pom	artifactid	bw-util-misc	Highest
Vendor	pom	artifactid	bw-util-misc	Low
Vendor	pom	developer name	Arlen Johnson	Medium
Vendor	pom	developer name	Mike Douglass	Medium
Vendor	pom	developer org	Bedework Commercial Services	Medium
Vendor	pom	developer org	Spherical Cow Group	Medium
Vendor	pom	developer org URL	http://sphericalcowgroup.com/	Medium
Vendor	pom	developer org URL	https://bedework.com/	Medium
Vendor	pom	groupid	org.bedework	Highest
Vendor	pom	name	Bedework: misc utils	High
Vendor	pom	url	Bedework/bw-util/bw-util-misc	Highest
Product	file	name	bw-util-misc	High
Product	jar	package name	bedework	Highest
Product	jar	package name	misc	Highest
Product	jar	package name	util	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	Implementation-Title	Bedework: misc utils	High
Product	Manifest	implementation-url	https://github.com/Bedework/bw-util/bw-util-misc	Low
Product	Manifest	os-arch	x86_64	Low
Product	Manifest	os-name	Mac OS X	Medium
Product	Manifest	specification-title	Bedework: misc utils	Medium
Product	pom	artifactid	bw-util-misc	Highest
Product	pom	developer name	Arlen Johnson	Low
Product	pom	developer name	Mike Douglass	Low
Product	pom	developer org	Bedework Commercial Services	Low
Product	pom	developer org	Spherical Cow Group	Low
Product	pom	developer org URL	http://sphericalcowgroup.com/	Low
Product	pom	developer org URL	https://bedework.com/	Low
Product	pom	groupid	org.bedework	Highest
Product	pom	name	Bedework: misc utils	High
Product	pom	url	Bedework/bw-util/bw-util-misc	High
Version	file	version	6.0.1	High
Version	Manifest	Implementation-Version	6.0.1	High
Version	pom	version	6.0.1	Highest

Identifiers

pkg:maven/org.bedework/bw-util-misc@6.0.1 (Confidence:High)
cpe:2.3:a:utils_project:utils:6.0.1:*:*:*:*:*:*:* (Confidence:Low)

commons-lang3-3.18.0.jar

Description:

  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.

  The code is tested using the latest revision of the JDK for supported
  LTS releases: 8, 11, 17 and 21 currently.
  See https://github.com/apache/commons-lang/blob/master/.github/workflows/maven.yml
  
  Please ensure your build environment is up-to-date and kindly report any build issues.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/org/apache/commons/commons-lang3/3.18.0/commons-lang3-3.18.0.jar
MD5: 48b9886957920a4cdb602780ca345087
SHA1: fb14946f0e39748a6571de0635acbe44e7885491
SHA256:4eeeae8d20c078abb64b015ec158add383ac581571cddc45c68f0c9ae0230720
Referenced In Project/Scope: Bedework schemaorgforj: create and parse schema.org objects.:compile
pkg:maven/org.bedework/bw-util-misc@6.0.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	commons-lang3	High
Vendor	jar	package name	apache	Highest
Vendor	jar	package name	commons	Highest
Vendor	jar	package name	lang3	Highest
Vendor	Manifest	automatic-module-name	org.apache.commons.lang3	Medium
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	https://commons.apache.org/proper/commons-lang/	Low
Vendor	Manifest	bundle-symbolicname	org.apache.commons.lang3	Medium
Vendor	Manifest	Implementation-Vendor	The Apache Software Foundation	High
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	specification-vendor	The Apache Software Foundation	Low
Vendor	pom	artifactid	commons-lang3	Highest
Vendor	pom	artifactid	commons-lang3	Low
Vendor	pom	developer email	bayard@apache.org	Low
Vendor	pom	developer email	britter@apache.org	Low
Vendor	pom	developer email	chtompki@apache.org	Low
Vendor	pom	developer email	djones@apache.org	Low
Vendor	pom	developer email	dlr@finemaltcoding.com	Low
Vendor	pom	developer email	ggregory at apache.org	Low
Vendor	pom	developer email	jcarman@apache.org	Low
Vendor	pom	developer email	joerg.schaible@gmx.de	Low
Vendor	pom	developer email	lguibert@apache.org	Low
Vendor	pom	developer email	oheger@apache.org	Low
Vendor	pom	developer email	pbenedict@apache.org	Low
Vendor	pom	developer email	rdonkin@apache.org	Low
Vendor	pom	developer email	scolebourne@joda.org	Low
Vendor	pom	developer email	stevencaswell@apache.org	Low
Vendor	pom	developer id	bayard	Medium
Vendor	pom	developer id	britter	Medium
Vendor	pom	developer id	chtompki	Medium
Vendor	pom	developer id	djones	Medium
Vendor	pom	developer id	dlr	Medium
Vendor	pom	developer id	fredrik	Medium
Vendor	pom	developer id	ggregory	Medium
Vendor	pom	developer id	jcarman	Medium
Vendor	pom	developer id	joehni	Medium
Vendor	pom	developer id	lguibert	Medium
Vendor	pom	developer id	mbenson	Medium
Vendor	pom	developer id	niallp	Medium
Vendor	pom	developer id	oheger	Medium
Vendor	pom	developer id	pbenedict	Medium
Vendor	pom	developer id	rdonkin	Medium
Vendor	pom	developer id	scaswell	Medium
Vendor	pom	developer id	scolebourne	Medium
Vendor	pom	developer name	Benedikt Ritter	Medium
Vendor	pom	developer name	Daniel Rall	Medium
Vendor	pom	developer name	Duncan Jones	Medium
Vendor	pom	developer name	Fredrik Westermarck	Medium
Vendor	pom	developer name	Gary Gregory	Medium
Vendor	pom	developer name	Henri Yandell	Medium
Vendor	pom	developer name	James Carman	Medium
Vendor	pom	developer name	Joerg Schaible	Medium
Vendor	pom	developer name	Loic Guibert	Medium
Vendor	pom	developer name	Matt Benson	Medium
Vendor	pom	developer name	Niall Pemberton	Medium
Vendor	pom	developer name	Oliver Heger	Medium
Vendor	pom	developer name	Paul Benedict	Medium
Vendor	pom	developer name	Rob Tompkins	Medium
Vendor	pom	developer name	Robert Burrell Donkin	Medium
Vendor	pom	developer name	Stephen Colebourne	Medium
Vendor	pom	developer name	Steven Caswell	Medium
Vendor	pom	developer org	Carman Consulting, Inc.	Medium
Vendor	pom	developer org	CollabNet, Inc.	Medium
Vendor	pom	developer org	SITA ATS Ltd	Medium
Vendor	pom	developer org	The Apache Software Foundation	Medium
Vendor	pom	developer org URL	https://www.apache.org/	Medium
Vendor	pom	groupid	org.apache.commons	Highest
Vendor	pom	name	Apache Commons Lang	High
Vendor	pom	parent-artifactid	commons-parent	Low
Vendor	pom	url	https://commons.apache.org/proper/commons-lang/	Highest
Product	file	name	commons-lang3	High
Product	jar	package name	apache	Highest
Product	jar	package name	commons	Highest
Product	jar	package name	lang3	Highest
Product	Manifest	automatic-module-name	org.apache.commons.lang3	Medium
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	https://commons.apache.org/proper/commons-lang/	Low
Product	Manifest	Bundle-Name	Apache Commons Lang	Medium
Product	Manifest	bundle-symbolicname	org.apache.commons.lang3	Medium
Product	Manifest	Implementation-Title	Apache Commons Lang	High
Product	Manifest	multi-release	true	Low
Product	Manifest	specification-title	Apache Commons Lang	Medium
Product	pom	artifactid	commons-lang3	Highest
Product	pom	developer email	bayard@apache.org	Low
Product	pom	developer email	britter@apache.org	Low
Product	pom	developer email	chtompki@apache.org	Low
Product	pom	developer email	djones@apache.org	Low
Product	pom	developer email	dlr@finemaltcoding.com	Low
Product	pom	developer email	ggregory at apache.org	Low
Product	pom	developer email	jcarman@apache.org	Low
Product	pom	developer email	joerg.schaible@gmx.de	Low
Product	pom	developer email	lguibert@apache.org	Low
Product	pom	developer email	oheger@apache.org	Low
Product	pom	developer email	pbenedict@apache.org	Low
Product	pom	developer email	rdonkin@apache.org	Low
Product	pom	developer email	scolebourne@joda.org	Low
Product	pom	developer email	stevencaswell@apache.org	Low
Product	pom	developer id	bayard	Low
Product	pom	developer id	britter	Low
Product	pom	developer id	chtompki	Low
Product	pom	developer id	djones	Low
Product	pom	developer id	dlr	Low
Product	pom	developer id	fredrik	Low
Product	pom	developer id	ggregory	Low
Product	pom	developer id	jcarman	Low
Product	pom	developer id	joehni	Low
Product	pom	developer id	lguibert	Low
Product	pom	developer id	mbenson	Low
Product	pom	developer id	niallp	Low
Product	pom	developer id	oheger	Low
Product	pom	developer id	pbenedict	Low
Product	pom	developer id	rdonkin	Low
Product	pom	developer id	scaswell	Low
Product	pom	developer id	scolebourne	Low
Product	pom	developer name	Benedikt Ritter	Low
Product	pom	developer name	Daniel Rall	Low
Product	pom	developer name	Duncan Jones	Low
Product	pom	developer name	Fredrik Westermarck	Low
Product	pom	developer name	Gary Gregory	Low
Product	pom	developer name	Henri Yandell	Low
Product	pom	developer name	James Carman	Low
Product	pom	developer name	Joerg Schaible	Low
Product	pom	developer name	Loic Guibert	Low
Product	pom	developer name	Matt Benson	Low
Product	pom	developer name	Niall Pemberton	Low
Product	pom	developer name	Oliver Heger	Low
Product	pom	developer name	Paul Benedict	Low
Product	pom	developer name	Rob Tompkins	Low
Product	pom	developer name	Robert Burrell Donkin	Low
Product	pom	developer name	Stephen Colebourne	Low
Product	pom	developer name	Steven Caswell	Low
Product	pom	developer org	Carman Consulting, Inc.	Low
Product	pom	developer org	CollabNet, Inc.	Low
Product	pom	developer org	SITA ATS Ltd	Low
Product	pom	developer org	The Apache Software Foundation	Low
Product	pom	developer org URL	https://www.apache.org/	Low
Product	pom	groupid	org.apache.commons	Highest
Product	pom	name	Apache Commons Lang	High
Product	pom	parent-artifactid	commons-parent	Medium
Product	pom	url	https://commons.apache.org/proper/commons-lang/	Medium
Version	file	version	3.18.0	High
Version	Manifest	Bundle-Version	3.18.0	High
Version	Manifest	Implementation-Version	3.18.0	High
Version	pom	parent-version	3.18.0	Low
Version	pom	version	3.18.0	Highest

Identifiers

pkg:maven/org.apache.commons/commons-lang3@3.18.0 (Confidence:High)
cpe:2.3:a:apache:commons_lang:3.18.0:*:*:*:*:*:*:* (Confidence:Highest)

commons-text-1.14.0.jar

Description:

Apache Commons Text is a set of utility functions and reusable components for processing
    and manipulating text in a Java environment.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/org/apache/commons/commons-text/1.14.0/commons-text-1.14.0.jar
MD5: 54960a12a82d52df3d5548d6934d87b2
SHA1: adcb0d4c67eabc79682604b47eb852aaff21138a
SHA256:121fce2282910c8f0c3ba793a5436b31beb710423cbe2d574a3fb7a73c508e92
Referenced In Project/Scope: Bedework schemaorgforj: create and parse schema.org objects.:compile
pkg:maven/org.bedework/bw-util-misc@6.0.1

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	commons-text	High
Vendor	jar	package name	apache	Highest
Vendor	jar	package name	commons	Highest
Vendor	jar	package name	text	Highest
Vendor	Manifest	automatic-module-name	org.apache.commons.text	Medium
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	https://commons.apache.org/proper/commons-text	Low
Vendor	Manifest	bundle-symbolicname	org.apache.commons.text	Medium
Vendor	Manifest	Implementation-Vendor	The Apache Software Foundation	High
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	specification-vendor	The Apache Software Foundation	Low
Vendor	pom	artifactid	commons-text	Highest
Vendor	pom	artifactid	commons-text	Low
Vendor	pom	developer email	britter@apache.org	Low
Vendor	pom	developer email	chtompki@apache.org	Low
Vendor	pom	developer email	djones@apache.org	Low
Vendor	pom	developer email	ggregory at apache.org	Low
Vendor	pom	developer email	kinow@apache.org	Low
Vendor	pom	developer id	britter	Medium
Vendor	pom	developer id	chtompki	Medium
Vendor	pom	developer id	djones	Medium
Vendor	pom	developer id	ggregory	Medium
Vendor	pom	developer id	kinow	Medium
Vendor	pom	developer name	Benedikt Ritter	Medium
Vendor	pom	developer name	Bruno P. Kinoshita	Medium
Vendor	pom	developer name	Duncan Jones	Medium
Vendor	pom	developer name	Gary Gregory	Medium
Vendor	pom	developer name	Rob Tompkins	Medium
Vendor	pom	developer org	The Apache Software Foundation	Medium
Vendor	pom	developer org URL	https://www.apache.org/	Medium
Vendor	pom	groupid	org.apache.commons	Highest
Vendor	pom	name	Apache Commons Text	High
Vendor	pom	parent-artifactid	commons-parent	Low
Vendor	pom	url	https://commons.apache.org/proper/commons-text	Highest
Product	file	name	commons-text	High
Product	jar	package name	apache	Highest
Product	jar	package name	commons	Highest
Product	jar	package name	text	Highest
Product	Manifest	automatic-module-name	org.apache.commons.text	Medium
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	https://commons.apache.org/proper/commons-text	Low
Product	Manifest	Bundle-Name	Apache Commons Text	Medium
Product	Manifest	bundle-symbolicname	org.apache.commons.text	Medium
Product	Manifest	Implementation-Title	Apache Commons Text	High
Product	Manifest	multi-release	true	Low
Product	Manifest	specification-title	Apache Commons Text	Medium
Product	pom	artifactid	commons-text	Highest
Product	pom	developer email	britter@apache.org	Low
Product	pom	developer email	chtompki@apache.org	Low
Product	pom	developer email	djones@apache.org	Low
Product	pom	developer email	ggregory at apache.org	Low
Product	pom	developer email	kinow@apache.org	Low
Product	pom	developer id	britter	Low
Product	pom	developer id	chtompki	Low
Product	pom	developer id	djones	Low
Product	pom	developer id	ggregory	Low
Product	pom	developer id	kinow	Low
Product	pom	developer name	Benedikt Ritter	Low
Product	pom	developer name	Bruno P. Kinoshita	Low
Product	pom	developer name	Duncan Jones	Low
Product	pom	developer name	Gary Gregory	Low
Product	pom	developer name	Rob Tompkins	Low
Product	pom	developer org	The Apache Software Foundation	Low
Product	pom	developer org URL	https://www.apache.org/	Low
Product	pom	groupid	org.apache.commons	Highest
Product	pom	name	Apache Commons Text	High
Product	pom	parent-artifactid	commons-parent	Medium
Product	pom	url	https://commons.apache.org/proper/commons-text	Medium
Version	file	version	1.14.0	High
Version	Manifest	Bundle-Version	1.14.0	High
Version	Manifest	Implementation-Version	1.14.0	High
Version	pom	parent-version	1.14.0	Low
Version	pom	version	1.14.0	Highest

Identifiers

pkg:maven/org.apache.commons/commons-text@1.14.0 (Confidence:High)
cpe:2.3:a:apache:commons_text:1.14.0:*:*:*:*:*:*:* (Confidence:Highest)

jackson-core-2.18.2.jar

Description:

Core Jackson processing abstractions (aka Streaming API), implementation for JSON

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.18.2/jackson-core-2.18.2.jar
MD5: bf935e6eca3a57defa13918661905cb0
SHA1: fb64ccac5c27dca8819418eb4e443a9f496d9ee7
SHA256:d8054ae7c0d1c2d2f55d28e46026ebe5892881f3fab5f439233184381c3b4a1f
Referenced In Project/Scope: Bedework schemaorgforj: create and parse schema.org objects.:compile
pkg:maven/org.bedework/bw-schemaorgforj@2.1.0-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jackson-core	High
Vendor	jar	package name	base	Highest
Vendor	jar	package name	com	Highest
Vendor	jar	package name	core	Highest
Vendor	jar	package name	fasterxml	Highest
Vendor	jar	package name	jackson	Highest
Vendor	jar	package name	json	Highest
Vendor	Manifest	build-jdk-spec	1.8	Low
Vendor	Manifest	bundle-docurl	https://github.com/FasterXML/jackson-core	Low
Vendor	Manifest	bundle-symbolicname	com.fasterxml.jackson.core.jackson-core	Medium
Vendor	Manifest	Implementation-Vendor	FasterXML	High
Vendor	Manifest	Implementation-Vendor-Id	com.fasterxml.jackson.core	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	specification-vendor	FasterXML	Low
Vendor	pom	artifactid	jackson-core	Highest
Vendor	pom	artifactid	jackson-core	Low
Vendor	pom	groupid	com.fasterxml.jackson.core	Highest
Vendor	pom	name	Jackson-core	High
Vendor	pom	parent-artifactid	jackson-base	Low
Vendor	pom	parent-groupid	com.fasterxml.jackson	Medium
Vendor	pom	url	FasterXML/jackson-core	Highest
Product	file	name	jackson-core	High
Product	hint analyzer	product	java8	Highest
Product	hint analyzer	product	modules	Highest
Product	jar	package name	base	Highest
Product	jar	package name	com	Highest
Product	jar	package name	core	Highest
Product	jar	package name	fasterxml	Highest
Product	jar	package name	jackson	Highest
Product	jar	package name	json	Highest
Product	Manifest	build-jdk-spec	1.8	Low
Product	Manifest	bundle-docurl	https://github.com/FasterXML/jackson-core	Low
Product	Manifest	Bundle-Name	Jackson-core	Medium
Product	Manifest	bundle-symbolicname	com.fasterxml.jackson.core.jackson-core	Medium
Product	Manifest	Implementation-Title	Jackson-core	High
Product	Manifest	multi-release	true	Low
Product	Manifest	specification-title	Jackson-core	Medium
Product	pom	artifactid	jackson-core	Highest
Product	pom	groupid	com.fasterxml.jackson.core	Highest
Product	pom	name	Jackson-core	High
Product	pom	parent-artifactid	jackson-base	Medium
Product	pom	parent-groupid	com.fasterxml.jackson	Medium
Product	pom	url	FasterXML/jackson-core	High
Version	file	version	2.18.2	High
Version	Manifest	Bundle-Version	2.18.2	High
Version	Manifest	Implementation-Version	2.18.2	High
Version	pom	version	2.18.2	Highest

Related Dependencies

Identifiers

pkg:maven/com.fasterxml.jackson.core/jackson-core@2.18.2 (Confidence:High)
cpe:2.3:a:fasterxml:jackson-modules-java8:2.18.2:*:*:*:*:*:*:* (Confidence:Low)

jackson-databind-2.18.2.jar

Description:

General data-binding functionality for Jackson: works on core streaming API

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.18.2/jackson-databind-2.18.2.jar
MD5: 1b56887bcd3eaea1ff710eb673e610b0
SHA1: deef8697b92141fb6caf7aa86966cff4eec9b04f
SHA256:4b364e6850dc89172fcf1d4dd26b8ff5488eda44ff4657e22dd265203dd5ab3c
Referenced In Project/Scope: Bedework schemaorgforj: create and parse schema.org objects.:compile
pkg:maven/org.bedework/bw-schemaorgforj@2.1.0-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jackson-databind	High
Vendor	jar	package name	databind	Highest
Vendor	jar	package name	fasterxml	Highest
Vendor	jar	package name	jackson	Highest
Vendor	Manifest	build-jdk-spec	1.8	Low
Vendor	Manifest	bundle-docurl	https://github.com/FasterXML/jackson	Low
Vendor	Manifest	bundle-symbolicname	com.fasterxml.jackson.core.jackson-databind	Medium
Vendor	Manifest	Implementation-Vendor	FasterXML	High
Vendor	Manifest	Implementation-Vendor-Id	com.fasterxml.jackson.core	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	specification-vendor	FasterXML	Low
Vendor	pom	artifactid	jackson-databind	Highest
Vendor	pom	artifactid	jackson-databind	Low
Vendor	pom	groupid	com.fasterxml.jackson.core	Highest
Vendor	pom	name	jackson-databind	High
Vendor	pom	parent-artifactid	jackson-base	Low
Vendor	pom	parent-groupid	com.fasterxml.jackson	Medium
Vendor	pom	url	FasterXML/jackson	Highest
Product	file	name	jackson-databind	High
Product	hint analyzer	product	java8	Highest
Product	hint analyzer	product	modules	Highest
Product	jar	package name	databind	Highest
Product	jar	package name	fasterxml	Highest
Product	jar	package name	jackson	Highest
Product	Manifest	build-jdk-spec	1.8	Low
Product	Manifest	bundle-docurl	https://github.com/FasterXML/jackson	Low
Product	Manifest	Bundle-Name	jackson-databind	Medium
Product	Manifest	bundle-symbolicname	com.fasterxml.jackson.core.jackson-databind	Medium
Product	Manifest	Implementation-Title	jackson-databind	High
Product	Manifest	multi-release	true	Low
Product	Manifest	specification-title	jackson-databind	Medium
Product	pom	artifactid	jackson-databind	Highest
Product	pom	groupid	com.fasterxml.jackson.core	Highest
Product	pom	name	jackson-databind	High
Product	pom	parent-artifactid	jackson-base	Medium
Product	pom	parent-groupid	com.fasterxml.jackson	Medium
Product	pom	url	FasterXML/jackson	High
Version	file	version	2.18.2	High
Version	Manifest	Bundle-Version	2.18.2	High
Version	Manifest	Implementation-Version	2.18.2	High
Version	pom	version	2.18.2	Highest

Identifiers

pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.18.2 (Confidence:High)
cpe:2.3:a:fasterxml:jackson-databind:2.18.2:*:*:*:*:*:*:* (Confidence:Highest)
cpe:2.3:a:fasterxml:jackson-modules-java8:2.18.2:*:*:*:*:*:*:* (Confidence:Low)

How to read the report | Suppressing false positives | Getting Help: github issues

Sponsor

Project: Bedework schemaorgforj: create and parse schema.org objects.

org.bedework:bw-schemaorgforj:2.1.0-SNAPSHOT

Summary

Dependencies (vulnerable)

bw-base-2.0.0.jar

Evidence

Identifiers

bw-json-2.0.0.jar

Evidence

Identifiers

bw-util-logging-6.0.0.jar

Evidence

Identifiers

bw-util-misc-6.0.1.jar

Evidence

Identifiers

commons-lang3-3.18.0.jar

Evidence

Identifiers

commons-text-1.14.0.jar

Evidence

Identifiers

jackson-core-2.18.2.jar

Evidence

Related Dependencies

Identifiers

jackson-databind-2.18.2.jar

Evidence

Identifiers

How to read the report | Suppressing false positives | Getting Help: github issues Sponsor

Project: Bedework schemaorgforj: create and parse schema.org objects.

org.bedework:bw-schemaorgforj:2.1.0-SNAPSHOT

Summary

Dependencies (vulnerable)

bw-base-2.0.0.jar

Evidence

Identifiers

bw-json-2.0.0.jar

Evidence

Identifiers

bw-util-logging-6.0.0.jar

Evidence

Identifiers

bw-util-misc-6.0.1.jar

Evidence

Identifiers

commons-lang3-3.18.0.jar

Evidence

Identifiers

commons-text-1.14.0.jar

Evidence

Identifiers

jackson-core-2.18.2.jar

Evidence

Related Dependencies

Identifiers

jackson-databind-2.18.2.jar

Evidence

Identifiers

How to read the report | Suppressing false positives | Getting Help: github issues

Sponsor