Dependency-Check Report

Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

Scan Information (show all):

dependency-check version: 10.0.4
Report Generated On: Mon, 30 Sep 2024 01:47:54 GMT
Dependencies Scanned: 12 (11 unique)
Vulnerable Dependencies: 0
Vulnerabilities Found: 0
Vulnerabilities Suppressed: 0
...
NVD API Last Checked: 2024-09-30T01:46:47Z
NVD API Last Modified: 2024-09-30T01:35:19Z

Summary

Display: Showing Vulnerable Dependencies (click to show all)

Dependency	Vulnerability IDs	Package	Confidence	Evidence Count
com.github.oshi:oshi-core:6.6.6-SNAPSHOT		pkg:maven/com.github.oshi/oshi-core@6.6.6-SNAPSHOT		6
jackson-core-2.18.0.jar	cpe:2.3:a:fasterxml:jackson-modules-java8:2.18.0:::::::*	pkg:maven/com.fasterxml.jackson.core/jackson-core@2.18.0	Low	47
jackson-databind-2.18.0.jar	cpe:2.3:a:fasterxml:jackson-databind:2.18.0:::::::* cpe:2.3:a:fasterxml:jackson-modules-java8:2.18.0:::::::*	pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.18.0	Highest	41
jfreechart-1.5.5.jar	cpe:2.3:a:time_project:time:1.5.5:::::::*	pkg:maven/org.jfree/jfreechart@1.5.5	Low	37
jna-5.15.0.jar	cpe:2.3:a:oracle:java_se:5.15.0:::::::*	pkg:maven/net.java.dev.jna/jna@5.15.0	Low	48
jna-5.15.0.jar: jnidispatch.dll				2
jna-5.15.0.jar: jnidispatch.dll				2
jna-5.15.0.jar: jnidispatch.dll				2
jna-platform-5.15.0.jar		pkg:maven/net.java.dev.jna/jna-platform@5.15.0		44
slf4j-api-2.0.16.jar		pkg:maven/org.slf4j/slf4j-api@2.0.16		29
slf4j-simple-2.0.16.jar		pkg:maven/org.slf4j/slf4j-simple@2.0.16		37

Dependencies (vulnerable)

com.github.oshi:oshi-core:6.6.6-SNAPSHOT

Description:

A JNA-based (native) operating system information library for Java that aims to provide a
        cross-platform implementation to retrieve system information, such as version, memory, CPU, disk, battery, etc.

License:

SPDX-License-Identifier: MIT https://opensource.org/licenses/MIT

File Path: /home/runner/work/oshi/oshi/oshi-core/pom.xml

Referenced In Project/Scope: oshi-demo
pkg:maven/com.github.oshi/oshi-demo@6.6.6-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	pom	High
Vendor	project	artifactid	oshi-core	Low
Vendor	project	groupid	com.github.oshi	Highest
Product	file	name	pom	High
Product	project	artifactid	oshi-core	Highest
Product	project	groupid	com.github.oshi	Low

Identifiers

pkg:maven/com.github.oshi/oshi-core@6.6.6-SNAPSHOT (Confidence:Highest)

jackson-core-2.18.0.jar

Description:

Core Jackson processing abstractions (aka Streaming API), implementation for JSON

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.18.0/jackson-core-2.18.0.jar
MD5: 9cfce35068c5ea1c987cf1f1cab537b2
SHA1: 65e8ead7de5d8f7a53e296c363bea3182f21f925
SHA256:215bbd7c8fd65be504cb92ff3aa1c4b790fc7b14cca72f4546aac4143c101bb5
Referenced In Project/Scope: oshi-demo:compile
pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.18.0

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jackson-core	High
Vendor	jar	package name	base	Highest
Vendor	jar	package name	com	Highest
Vendor	jar	package name	core	Highest
Vendor	jar	package name	fasterxml	Highest
Vendor	jar	package name	jackson	Highest
Vendor	jar	package name	json	Highest
Vendor	Manifest	build-jdk-spec	1.8	Low
Vendor	Manifest	bundle-docurl	https://github.com/FasterXML/jackson-core	Low
Vendor	Manifest	bundle-symbolicname	com.fasterxml.jackson.core.jackson-core	Medium
Vendor	Manifest	Implementation-Vendor	FasterXML	High
Vendor	Manifest	Implementation-Vendor-Id	com.fasterxml.jackson.core	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	specification-vendor	FasterXML	Low
Vendor	pom	artifactid	jackson-core	Highest
Vendor	pom	artifactid	jackson-core	Low
Vendor	pom	groupid	com.fasterxml.jackson.core	Highest
Vendor	pom	name	Jackson-core	High
Vendor	pom	parent-artifactid	jackson-base	Low
Vendor	pom	parent-groupid	com.fasterxml.jackson	Medium
Vendor	pom	url	FasterXML/jackson-core	Highest
Product	file	name	jackson-core	High
Product	hint analyzer	product	java8	Highest
Product	hint analyzer	product	modules	Highest
Product	jar	package name	base	Highest
Product	jar	package name	com	Highest
Product	jar	package name	core	Highest
Product	jar	package name	fasterxml	Highest
Product	jar	package name	jackson	Highest
Product	jar	package name	json	Highest
Product	Manifest	build-jdk-spec	1.8	Low
Product	Manifest	bundle-docurl	https://github.com/FasterXML/jackson-core	Low
Product	Manifest	Bundle-Name	Jackson-core	Medium
Product	Manifest	bundle-symbolicname	com.fasterxml.jackson.core.jackson-core	Medium
Product	Manifest	Implementation-Title	Jackson-core	High
Product	Manifest	multi-release	true	Low
Product	Manifest	specification-title	Jackson-core	Medium
Product	pom	artifactid	jackson-core	Highest
Product	pom	groupid	com.fasterxml.jackson.core	Highest
Product	pom	name	Jackson-core	High
Product	pom	parent-artifactid	jackson-base	Medium
Product	pom	parent-groupid	com.fasterxml.jackson	Medium
Product	pom	url	FasterXML/jackson-core	High
Version	file	version	2.18.0	High
Version	Manifest	Bundle-Version	2.18.0	High
Version	Manifest	Implementation-Version	2.18.0	High
Version	pom	version	2.18.0	Highest

Related Dependencies

Identifiers

pkg:maven/com.fasterxml.jackson.core/jackson-core@2.18.0 (Confidence:High)
cpe:2.3:a:fasterxml:jackson-modules-java8:2.18.0:*:*:*:*:*:*:* (Confidence:Low)

jackson-databind-2.18.0.jar

Description:

General data-binding functionality for Jackson: works on core streaming API

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.18.0/jackson-databind-2.18.0.jar
MD5: 00c8c4671939735ac93117eb6c43b10e
SHA1: 8dba1f789a75fc30b59303574fe2b269afa4d3bc
SHA256:2bf1927b7f3224683ed0157a1ec3b0ede75179da3e597d78c572d56ed00f9f3c
Referenced In Project/Scope: oshi-demo:compile
pkg:maven/com.github.oshi/oshi-demo@6.6.6-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jackson-databind	High
Vendor	jar	package name	databind	Highest
Vendor	jar	package name	fasterxml	Highest
Vendor	jar	package name	jackson	Highest
Vendor	Manifest	build-jdk-spec	1.8	Low
Vendor	Manifest	bundle-docurl	https://github.com/FasterXML/jackson	Low
Vendor	Manifest	bundle-symbolicname	com.fasterxml.jackson.core.jackson-databind	Medium
Vendor	Manifest	Implementation-Vendor	FasterXML	High
Vendor	Manifest	Implementation-Vendor-Id	com.fasterxml.jackson.core	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	specification-vendor	FasterXML	Low
Vendor	pom	artifactid	jackson-databind	Highest
Vendor	pom	artifactid	jackson-databind	Low
Vendor	pom	groupid	com.fasterxml.jackson.core	Highest
Vendor	pom	name	jackson-databind	High
Vendor	pom	parent-artifactid	jackson-base	Low
Vendor	pom	parent-groupid	com.fasterxml.jackson	Medium
Vendor	pom	url	FasterXML/jackson	Highest
Product	file	name	jackson-databind	High
Product	hint analyzer	product	java8	Highest
Product	hint analyzer	product	modules	Highest
Product	jar	package name	databind	Highest
Product	jar	package name	fasterxml	Highest
Product	jar	package name	jackson	Highest
Product	Manifest	build-jdk-spec	1.8	Low
Product	Manifest	bundle-docurl	https://github.com/FasterXML/jackson	Low
Product	Manifest	Bundle-Name	jackson-databind	Medium
Product	Manifest	bundle-symbolicname	com.fasterxml.jackson.core.jackson-databind	Medium
Product	Manifest	Implementation-Title	jackson-databind	High
Product	Manifest	multi-release	true	Low
Product	Manifest	specification-title	jackson-databind	Medium
Product	pom	artifactid	jackson-databind	Highest
Product	pom	groupid	com.fasterxml.jackson.core	Highest
Product	pom	name	jackson-databind	High
Product	pom	parent-artifactid	jackson-base	Medium
Product	pom	parent-groupid	com.fasterxml.jackson	Medium
Product	pom	url	FasterXML/jackson	High
Version	file	version	2.18.0	High
Version	Manifest	Bundle-Version	2.18.0	High
Version	Manifest	Implementation-Version	2.18.0	High
Version	pom	version	2.18.0	Highest

Identifiers

pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.18.0 (Confidence:High)
cpe:2.3:a:fasterxml:jackson-databind:2.18.0:*:*:*:*:*:*:* (Confidence:Highest)
cpe:2.3:a:fasterxml:jackson-modules-java8:2.18.0:*:*:*:*:*:*:* (Confidence:Low)

jfreechart-1.5.5.jar

Description:

        JFreeChart is a class library, written in Java, for generating charts. 
        Utilising the Java2D API, it supports a wide range of chart types including
        bar charts, pie charts, line charts, XY-plots, time series plots, Sankey charts
        and more.

License:

GNU Lesser General Public Licence: http://www.gnu.org/licenses/lgpl.txt

File Path: /home/runner/.m2/repository/org/jfree/jfreechart/1.5.5/jfreechart-1.5.5.jar
MD5: f39186dfa4084491a92094f6ed195427
SHA1: 4147651ba863c28090a585a6f1e91c7a9bcc1f12
SHA256:0912b43a7dd4456c9fd4012fcc9c7b14fd70732adfeaead996824b734a036d5a
Referenced In Project/Scope: oshi-demo:compile
pkg:maven/com.github.oshi/oshi-demo@6.6.6-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jfreechart	High
Vendor	jar	package name	jfree	Highest
Vendor	jar	package name	jfreechart	Highest
Vendor	jar	package name	range	Highest
Vendor	jar	package name	series	Highest
Vendor	jar	package name	time	Highest
Vendor	jar	package name	xy	Highest
Vendor	Manifest	automatic-module-name	org.jfree.jfreechart	Medium
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	pom	artifactid	jfreechart	Highest
Vendor	pom	artifactid	jfreechart	Low
Vendor	pom	developer email	dave@jfree.org	Low
Vendor	pom	developer name	David Gilbert	Medium
Vendor	pom	groupid	org.jfree	Highest
Vendor	pom	name	JFreeChart	High
Vendor	pom	organization name	JFree.org	High
Vendor	pom	organization url	http://www.jfree.org/	Medium
Vendor	pom	url	http://www.jfree.org/jfreechart/	Highest
Product	file	name	jfreechart	High
Product	jar	package name	jfree	Highest
Product	jar	package name	jfreechart	Highest
Product	jar	package name	range	Highest
Product	jar	package name	series	Highest
Product	jar	package name	time	Highest
Product	jar	package name	xy	Highest
Product	Manifest	automatic-module-name	org.jfree.jfreechart	Medium
Product	Manifest	build-jdk-spec	21	Low
Product	pom	artifactid	jfreechart	Highest
Product	pom	developer email	dave@jfree.org	Low
Product	pom	developer name	David Gilbert	Low
Product	pom	groupid	org.jfree	Highest
Product	pom	name	JFreeChart	High
Product	pom	organization name	JFree.org	Low
Product	pom	organization url	http://www.jfree.org/	Low
Product	pom	url	http://www.jfree.org/jfreechart/	Medium
Version	file	version	1.5.5	High
Version	pom	version	1.5.5	Highest

Identifiers

pkg:maven/org.jfree/jfreechart@1.5.5 (Confidence:High)
cpe:2.3:a:time_project:time:1.5.5:*:*:*:*:*:*:* (Confidence:Low)

jna-5.15.0.jar

Description:

Java Native Access

License:

LGPL-2.1-or-later: https://www.gnu.org/licenses/old-licenses/lgpl-2.1
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.15.0/jna-5.15.0.jar
MD5: cd756a719c1892e56d9c9d424e8983bb
SHA1: 01ee1d80ff44f08280188f7c0e740d57207841ac
SHA256:a564158d28ab5127fc6a958028ed54279fe0999662c46425b6a3b09a2a52094d
Referenced In Project/Scope: oshi-demo:compile
pkg:maven/com.github.oshi/oshi-core@6.6.6-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jna	High
Vendor	jar	package name	jna	Highest
Vendor	jar	package name	native	Highest
Vendor	jar	package name	sun	Highest
Vendor	jar (hint)	package name	oracle	Highest
Vendor	Manifest	automatic-module-name	com.sun.jna	Medium
Vendor	Manifest	bundle-activationpolicy	lazy	Low
Vendor	Manifest	bundle-category	jni	Low
Vendor	Manifest	bundle-nativecode	com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win32, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win32, com/sun/jna/win32-aarch64/jnidispatch.dll; processor=aarch64;osname=win32, com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win, com/sun/jna/win32-aarch64/jnidispatch.dll; processor=aarch64;osname=win, com/sun/jna/w32ce-arm/jnidispatch.dll; processor=arm;osname=wince, com/sun/jna/sunos-x86/libjnidispatch.so; processor=x86;osname=sunos, com/sun/jna/sunos-x86-64/libjnidispatch.so; processor=x86-64;osname=sunos, com/sun/jna/sunos-sparc/libjnidispatch.so; processor=sparc;osname=sunos, com/sun/jna/sunos-sparcv9/libjnidispatch.so; processor=sparcv9;osname=sunos, com/sun/jna/aix-ppc/libjnidispatch.a; processor=ppc;osname=aix, com/sun/jna/aix-ppc64/libjnidispatch.a; processor=ppc64;osname=aix, com/sun/jna/linux-ppc/libjnidispatch.so; processor=ppc;osname=linux, com/sun/jna/linux-ppc64/libjnidispatch.so; processor=ppc64;osname=linux, com/sun/jna/linux-ppc64le/libjnidispatch.so; processor=ppc64le;osname=linux, com/sun/jna/linux-x86/libjnidispatch.so; processor=x86;osname=linux, com/sun/jna/linux-x86-64/libjnidispatch.so; processor=x86-64;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm_le;osname=linux, com/sun/jna/linux-armel/libjnidispatch.so; processor=armel;osname=linux, com/sun/jna/linux-aarch64/libjnidispatch.so; processor=aarch64;osname=linux, com/sun/jna/linux-ia64/libjnidispatch.so; processor=ia64;osname=linux, com/sun/jna/linux-sparcv9/libjnidispatch.so; processor=sparcv9;osname=linux, com/sun/jna/linux-mips64el/libjnidispatch.so; processor=mips64el;osname=linux, com/sun/jna/linux-s390x/libjnidispatch.so; processor=S390x;osname=linux, com/sun/jna/linux-loongarch64/libjnidispatch.so; processor=loongarch64;osname=linux, com/sun/jna/linux-riscv64/libjnidispatch.so; processor=riscv64;osname=linux, com/sun/jna/dragonflybsd-x86-64/libjnidispatch.so; processor=x86-64;osname=dragonflybsd, com/sun/jna/freebsd-x86/libjnidispatch.so; processor=x86;osname=freebsd, com/sun/jna/freebsd-x86-64/libjnidispatch.so; processor=x86-64;osname=freebsd, com/sun/jna/freebsd-aarch64/libjnidispatch.so; processor=aarch64;osname=freebsd, com/sun/jna/openbsd-x86/libjnidispatch.so; processor=x86;osname=openbsd, com/sun/jna/openbsd-x86-64/libjnidispatch.so; processor=x86-64;osname=openbsd, com/sun/jna/darwin-ppc/libjnidispatch.jnilib; osname=macosx;processor=ppc, com/sun/jna/darwin-ppc64/libjnidispatch.jnilib; osname=macosx;processor=ppc64, com/sun/jna/darwin-x86/libjnidispatch.jnilib; osname=macosx;processor=x86, com/sun/jna/darwin-x86-64/libjnidispatch.jnilib; osname=macosx;processor=x86-64, com/sun/jna/darwin-aarch64/libjnidispatch.jnilib; osname=macosx;processor=aarch64	Low
Vendor	Manifest	bundle-requiredexecutionenvironment	JavaSE-1.6	Low
Vendor	Manifest	bundle-symbolicname	com.sun.jna	Medium
Vendor	Manifest	Implementation-Vendor	JNA Development Team	High
Vendor	Manifest	specification-vendor	JNA Development Team	Low
Vendor	pom	artifactid	jna	Highest
Vendor	pom	artifactid	jna	Low
Vendor	pom	developer email	mblaesing@doppel-helix.eu	Low
Vendor	pom	developer id	twall	Medium
Vendor	pom	developer name	Matthias Bläsing	Medium
Vendor	pom	developer name	Timothy Wall	Medium
Vendor	pom	groupid	net.java.dev.jna	Highest
Vendor	pom	name	Java Native Access	High
Vendor	pom	url	java-native-access/jna	Highest
Product	file	name	jna	High
Product	jar	package name	jna	Highest
Product	jar	package name	library	Highest
Product	jar	package name	native	Highest
Product	jar	package name	sun	Highest
Product	jar	package name	win32	Highest
Product	Manifest	automatic-module-name	com.sun.jna	Medium
Product	Manifest	bundle-activationpolicy	lazy	Low
Product	Manifest	bundle-category	jni	Low
Product	Manifest	Bundle-Name	jna	Medium
Product	Manifest	bundle-nativecode	com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win32, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win32, com/sun/jna/win32-aarch64/jnidispatch.dll; processor=aarch64;osname=win32, com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win, com/sun/jna/win32-aarch64/jnidispatch.dll; processor=aarch64;osname=win, com/sun/jna/w32ce-arm/jnidispatch.dll; processor=arm;osname=wince, com/sun/jna/sunos-x86/libjnidispatch.so; processor=x86;osname=sunos, com/sun/jna/sunos-x86-64/libjnidispatch.so; processor=x86-64;osname=sunos, com/sun/jna/sunos-sparc/libjnidispatch.so; processor=sparc;osname=sunos, com/sun/jna/sunos-sparcv9/libjnidispatch.so; processor=sparcv9;osname=sunos, com/sun/jna/aix-ppc/libjnidispatch.a; processor=ppc;osname=aix, com/sun/jna/aix-ppc64/libjnidispatch.a; processor=ppc64;osname=aix, com/sun/jna/linux-ppc/libjnidispatch.so; processor=ppc;osname=linux, com/sun/jna/linux-ppc64/libjnidispatch.so; processor=ppc64;osname=linux, com/sun/jna/linux-ppc64le/libjnidispatch.so; processor=ppc64le;osname=linux, com/sun/jna/linux-x86/libjnidispatch.so; processor=x86;osname=linux, com/sun/jna/linux-x86-64/libjnidispatch.so; processor=x86-64;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm_le;osname=linux, com/sun/jna/linux-armel/libjnidispatch.so; processor=armel;osname=linux, com/sun/jna/linux-aarch64/libjnidispatch.so; processor=aarch64;osname=linux, com/sun/jna/linux-ia64/libjnidispatch.so; processor=ia64;osname=linux, com/sun/jna/linux-sparcv9/libjnidispatch.so; processor=sparcv9;osname=linux, com/sun/jna/linux-mips64el/libjnidispatch.so; processor=mips64el;osname=linux, com/sun/jna/linux-s390x/libjnidispatch.so; processor=S390x;osname=linux, com/sun/jna/linux-loongarch64/libjnidispatch.so; processor=loongarch64;osname=linux, com/sun/jna/linux-riscv64/libjnidispatch.so; processor=riscv64;osname=linux, com/sun/jna/dragonflybsd-x86-64/libjnidispatch.so; processor=x86-64;osname=dragonflybsd, com/sun/jna/freebsd-x86/libjnidispatch.so; processor=x86;osname=freebsd, com/sun/jna/freebsd-x86-64/libjnidispatch.so; processor=x86-64;osname=freebsd, com/sun/jna/freebsd-aarch64/libjnidispatch.so; processor=aarch64;osname=freebsd, com/sun/jna/openbsd-x86/libjnidispatch.so; processor=x86;osname=openbsd, com/sun/jna/openbsd-x86-64/libjnidispatch.so; processor=x86-64;osname=openbsd, com/sun/jna/darwin-ppc/libjnidispatch.jnilib; osname=macosx;processor=ppc, com/sun/jna/darwin-ppc64/libjnidispatch.jnilib; osname=macosx;processor=ppc64, com/sun/jna/darwin-x86/libjnidispatch.jnilib; osname=macosx;processor=x86, com/sun/jna/darwin-x86-64/libjnidispatch.jnilib; osname=macosx;processor=x86-64, com/sun/jna/darwin-aarch64/libjnidispatch.jnilib; osname=macosx;processor=aarch64	Low
Product	Manifest	bundle-requiredexecutionenvironment	JavaSE-1.6	Low
Product	Manifest	bundle-symbolicname	com.sun.jna	Medium
Product	Manifest	Implementation-Title	com.sun.jna	High
Product	Manifest	specification-title	Java Native Access (JNA)	Medium
Product	pom	artifactid	jna	Highest
Product	pom	developer email	mblaesing@doppel-helix.eu	Low
Product	pom	developer id	twall	Low
Product	pom	developer name	Matthias Bläsing	Low
Product	pom	developer name	Timothy Wall	Low
Product	pom	groupid	net.java.dev.jna	Highest
Product	pom	name	Java Native Access	High
Product	pom	url	java-native-access/jna	High
Version	file	version	5.15.0	High
Version	Manifest	Bundle-Version	5.15.0	High
Version	pom	version	5.15.0	Highest

Identifiers

pkg:maven/net.java.dev.jna/jna@5.15.0 (Confidence:High)
cpe:2.3:a:oracle:java_se:5.15.0:*:*:*:*:*:*:* (Confidence:Low)

jna-5.15.0.jar: jnidispatch.dll

File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.15.0/jna-5.15.0.jar/com/sun/jna/win32-aarch64/jnidispatch.dll
MD5: 302945a811fd8e21bcdd5226c73b6f74
SHA1: 6b05e299ff2b3eb3b7b7aeac44263f715693607c
SHA256:b8f98be314234cf12b5b46c29652f70c0f6abb93ae19b63d3fe2692062aa699d
Referenced In Project/Scope: oshi-demo:compile

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jnidispatch	High
Product	file	name	jnidispatch	High

Identifiers

None

jna-5.15.0.jar: jnidispatch.dll

File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.15.0/jna-5.15.0.jar/com/sun/jna/win32-x86-64/jnidispatch.dll
MD5: 2d2475f1f026dd54e9f3e787ae4f81da
SHA1: 27ff882ac271db547aee520b38e3ba9aa91e136c
SHA256:5a7ff949f6d93d86491eb5b26b1cfc60051168a60622650224b89995ac420023
Referenced In Project/Scope: oshi-demo:compile

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jnidispatch	High
Product	file	name	jnidispatch	High

Identifiers

None

jna-5.15.0.jar: jnidispatch.dll

File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.15.0/jna-5.15.0.jar/com/sun/jna/win32-x86/jnidispatch.dll
MD5: 0caa1ef75a807f9dde05084fa2219a5c
SHA1: 2f5e1cd82cde192905c7510ce99037b67d980640
SHA256:752d597cee7e95cb517327146bf42f124c0d6c0bc48b3ecc3b1b3b0531a52f44
Referenced In Project/Scope: oshi-demo:compile

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jnidispatch	High
Product	file	name	jnidispatch	High

Identifiers

None

jna-platform-5.15.0.jar

Description:

Java Native Access Platform

License:

LGPL-2.1-or-later: https://www.gnu.org/licenses/old-licenses/lgpl-2.1
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt

File Path: /home/runner/.m2/repository/net/java/dev/jna/jna-platform/5.15.0/jna-platform-5.15.0.jar
MD5: 41d91e4a13428fb79c12024cb92a4091
SHA1: 86b502cad57d45da172b5e3231c537b042e296ef
SHA256:18b7f6e7d34ce89309a6d9052ae1a987e8e64057e2f683e01e50f2f2b59cd153
Referenced In Project/Scope: oshi-demo:compile
pkg:maven/com.github.oshi/oshi-core@6.6.6-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	jna-platform	High
Vendor	jar	package name	jna	Highest
Vendor	jar	package name	platform	Highest
Vendor	jar	package name	sun	Highest
Vendor	jar (hint)	package name	oracle	Highest
Vendor	Manifest	automatic-module-name	com.sun.jna.platform	Medium
Vendor	Manifest	bundle-category	jni	Low
Vendor	Manifest	bundle-requiredexecutionenvironment	J2SE-1.4	Low
Vendor	Manifest	bundle-symbolicname	com.sun.jna.platform	Medium
Vendor	Manifest	Implementation-Vendor	JNA Development Team	High
Vendor	Manifest	require-bundle	com.sun.jna;bundle-version="5.15.0"	Low
Vendor	Manifest	specification-vendor	JNA Development Team	Low
Vendor	pom	artifactid	jna-platform	Highest
Vendor	pom	artifactid	jna-platform	Low
Vendor	pom	developer email	mblaesing@doppel-helix.eu	Low
Vendor	pom	developer id	twall	Medium
Vendor	pom	developer name	Matthias Bläsing	Medium
Vendor	pom	developer name	Timothy Wall	Medium
Vendor	pom	groupid	net.java.dev.jna	Highest
Vendor	pom	name	Java Native Access Platform	High
Vendor	pom	url	java-native-access/jna	Highest
Product	file	name	jna-platform	High
Product	jar	package name	jna	Highest
Product	jar	package name	platform	Highest
Product	jar	package name	sun	Highest
Product	Manifest	automatic-module-name	com.sun.jna.platform	Medium
Product	Manifest	bundle-category	jni	Low
Product	Manifest	Bundle-Name	jna-platform	Medium
Product	Manifest	bundle-requiredexecutionenvironment	J2SE-1.4	Low
Product	Manifest	bundle-symbolicname	com.sun.jna.platform	Medium
Product	Manifest	Implementation-Title	com.sun.jna	High
Product	Manifest	require-bundle	com.sun.jna;bundle-version="5.15.0"	Low
Product	Manifest	specification-title	Java Native Access (JNA)	Medium
Product	pom	artifactid	jna-platform	Highest
Product	pom	developer email	mblaesing@doppel-helix.eu	Low
Product	pom	developer id	twall	Low
Product	pom	developer name	Matthias Bläsing	Low
Product	pom	developer name	Timothy Wall	Low
Product	pom	groupid	net.java.dev.jna	Highest
Product	pom	name	Java Native Access Platform	High
Product	pom	url	java-native-access/jna	High
Version	file	version	5.15.0	High
Version	Manifest	Bundle-Version	5.15.0	High
Version	pom	version	5.15.0	Highest

Identifiers

pkg:maven/net.java.dev.jna/jna-platform@5.15.0 (Confidence:High)

slf4j-api-2.0.16.jar

Description:

The slf4j API

License:

http://www.opensource.org/licenses/mit-license.php

File Path: /home/runner/.m2/repository/org/slf4j/slf4j-api/2.0.16/slf4j-api-2.0.16.jar
MD5: c8de8f5d740584cb24b5652cfba8b3c4
SHA1: 0172931663a09a1fa515567af5fbef00897d3c04
SHA256:a12578dde1ba00bd9b816d388a0b879928d00bab3c83c240f7013bf4196c579a
Referenced In Project/Scope: oshi-demo:compile
pkg:maven/com.github.oshi/oshi-core@6.6.6-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	slf4j-api	High
Vendor	jar	package name	slf4j	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	http://www.slf4j.org	Low
Vendor	Manifest	bundle-symbolicname	slf4j.api	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	pom	artifactid	slf4j-api	Highest
Vendor	pom	artifactid	slf4j-api	Low
Vendor	pom	groupid	org.slf4j	Highest
Vendor	pom	name	SLF4J API Module	High
Vendor	pom	parent-artifactid	slf4j-parent	Low
Vendor	pom	url	http://www.slf4j.org	Highest
Product	file	name	slf4j-api	High
Product	jar	package name	slf4j	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	http://www.slf4j.org	Low
Product	Manifest	Bundle-Name	SLF4J API Module	Medium
Product	Manifest	bundle-symbolicname	slf4j.api	Medium
Product	Manifest	Implementation-Title	slf4j-api	High
Product	Manifest	multi-release	true	Low
Product	pom	artifactid	slf4j-api	Highest
Product	pom	groupid	org.slf4j	Highest
Product	pom	name	SLF4J API Module	High
Product	pom	parent-artifactid	slf4j-parent	Medium
Product	pom	url	http://www.slf4j.org	Medium
Version	file	version	2.0.16	High
Version	Manifest	Bundle-Version	2.0.16	High
Version	Manifest	Implementation-Version	2.0.16	High
Version	pom	version	2.0.16	Highest

Identifiers

pkg:maven/org.slf4j/slf4j-api@2.0.16 (Confidence:High)

slf4j-simple-2.0.16.jar

Description:

SLF4J Simple Provider

License:

http://www.opensource.org/licenses/mit-license.php

File Path: /home/runner/.m2/repository/org/slf4j/slf4j-simple/2.0.16/slf4j-simple-2.0.16.jar
MD5: 58c531dfe60020700c53c45fdf6234bf
SHA1: 56d3d8e59293543780ad35af4ee4a5d9c111a588
SHA256:effc32018658bea09d1e08c7d1060ccad46c086960f583d07dd7ffe9c1172a47
Referenced In Project/Scope: oshi-demo:compile
pkg:maven/com.github.oshi/oshi-demo@6.6.6-SNAPSHOT

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	slf4j-simple	High
Vendor	jar	package name	simple	Highest
Vendor	jar	package name	slf4j	Highest
Vendor	Manifest	build-jdk-spec	21	Low
Vendor	Manifest	bundle-docurl	http://www.slf4j.org	Low
Vendor	Manifest	bundle-symbolicname	slf4j.simple	Medium
Vendor	Manifest	multi-release	true	Low
Vendor	Manifest	originally-created-by	Apache Maven Bundle Plugin 5.1.9	Low
Vendor	Manifest	provide-capability	osgi.service;objectClass:List="org.slf4j.spi.SLF4JServiceProvider";type=simple;effective:=active,osgi.serviceloader;osgi.serviceloader="org.slf4j.spi.SLF4JServiceProvider";register:="org.slf4j.simple.SimpleServiceProvider";type=simple	Low
Vendor	pom	artifactid	slf4j-simple	Highest
Vendor	pom	artifactid	slf4j-simple	Low
Vendor	pom	groupid	org.slf4j	Highest
Vendor	pom	name	SLF4J Simple Provider	High
Vendor	pom	parent-artifactid	slf4j-parent	Low
Vendor	pom	url	http://www.slf4j.org	Highest
Product	file	name	slf4j-simple	High
Product	jar	package name	9	Highest
Product	jar	package name	simple	Highest
Product	jar	package name	simpleserviceprovider	Highest
Product	jar	package name	slf4j	Highest
Product	Manifest	build-jdk-spec	21	Low
Product	Manifest	bundle-docurl	http://www.slf4j.org	Low
Product	Manifest	Bundle-Name	SLF4J Simple Provider	Medium
Product	Manifest	bundle-symbolicname	slf4j.simple	Medium
Product	Manifest	Implementation-Title	slf4j-simple	High
Product	Manifest	multi-release	true	Low
Product	Manifest	originally-created-by	Apache Maven Bundle Plugin 5.1.9	Low
Product	Manifest	provide-capability	osgi.service;objectClass:List="org.slf4j.spi.SLF4JServiceProvider";type=simple;effective:=active,osgi.serviceloader;osgi.serviceloader="org.slf4j.spi.SLF4JServiceProvider";register:="org.slf4j.simple.SimpleServiceProvider";type=simple	Low
Product	pom	artifactid	slf4j-simple	Highest
Product	pom	groupid	org.slf4j	Highest
Product	pom	name	SLF4J Simple Provider	High
Product	pom	parent-artifactid	slf4j-parent	Medium
Product	pom	url	http://www.slf4j.org	Medium
Version	file	version	2.0.16	High
Version	Manifest	Bundle-Version	2.0.16	High
Version	Manifest	Implementation-Version	2.0.16	High
Version	pom	version	2.0.16	Highest

Identifiers

pkg:maven/org.slf4j/slf4j-simple@2.0.16 (Confidence:High)

How to read the report | Suppressing false positives | Getting Help: github issues

Sponsor

Project: oshi-demo

com.github.oshi:oshi-demo:6.6.6-SNAPSHOT

Summary

Dependencies (vulnerable)

com.github.oshi:oshi-core:6.6.6-SNAPSHOT

Evidence

Identifiers

jackson-core-2.18.0.jar

Evidence

Related Dependencies

Identifiers

jackson-databind-2.18.0.jar

Evidence

Identifiers

jfreechart-1.5.5.jar

Evidence

Identifiers

jna-5.15.0.jar

Evidence

Identifiers

jna-5.15.0.jar: jnidispatch.dll

Evidence

Identifiers

jna-5.15.0.jar: jnidispatch.dll

Evidence

Identifiers

jna-5.15.0.jar: jnidispatch.dll

Evidence

Identifiers

jna-platform-5.15.0.jar

Evidence

Identifiers

slf4j-api-2.0.16.jar

Evidence

Identifiers

slf4j-simple-2.0.16.jar

Evidence

Identifiers

How to read the report | Suppressing false positives | Getting Help: github issues Sponsor

Project: oshi-demo

com.github.oshi:oshi-demo:6.6.6-SNAPSHOT

Summary

Dependencies (vulnerable)

com.github.oshi:oshi-core:6.6.6-SNAPSHOT

Evidence

Identifiers

jackson-core-2.18.0.jar

Evidence

Related Dependencies

Identifiers

jackson-databind-2.18.0.jar

Evidence

Identifiers

jfreechart-1.5.5.jar

Evidence

Identifiers

jna-5.15.0.jar

Evidence

Identifiers

jna-5.15.0.jar: jnidispatch.dll

Evidence

Identifiers

jna-5.15.0.jar: jnidispatch.dll

Evidence

Identifiers

jna-5.15.0.jar: jnidispatch.dll

Evidence

Identifiers

jna-platform-5.15.0.jar

Evidence

Identifiers

slf4j-api-2.0.16.jar

Evidence

Identifiers

slf4j-simple-2.0.16.jar

Evidence

Identifiers

How to read the report | Suppressing false positives | Getting Help: github issues

Sponsor