Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 12.1.6Report Generated On : Sun, 31 May 2026 16:36:05 -0700Dependencies Scanned : 21 (17 unique)Vulnerable Dependencies : 0 Vulnerabilities Found : 0Vulnerabilities Suppressed : 3 (show )... NVD API Last Checked : 2026-05-31T16:35:49-07NVD API Last Modified : 2026-05-31T23:16:42ZSummary Summary of Vulnerable Dependencies (click to show all)
AbsoluteLayout-RELEASE290.jarDescription:
POM and identification for artifact that was not possible to uniquely identify as a maven dependency. File Path: /lib/AbsoluteLayout-RELEASE290.jarMD5: 6c04b49b0b68eb310b29c60bcbd39db5SHA1: 409c90d09b61262b7c1e4759fd5e921e66b914ccSHA256: cbe5600e86eb64761e11e4cb046804a070bc214e00b9fa61413b59017089dfd1
Evidence Type Source Name Value Confidence Vendor central artifactid AbsoluteLayout Highest Vendor central groupid org.netbeans.external Highest Vendor file name AbsoluteLayout-RELEASE290 High Vendor jar package name awtextra Low Vendor jar package name lib Low Vendor jar package name netbeans Low Vendor Manifest netbeans-own-library true Low Vendor pom artifactid AbsoluteLayout Low Vendor pom groupid org.netbeans.external Highest Vendor pom name Maven definition for AbsoluteLayout.jar - external part of NetBeans module. High Vendor pom parent-artifactid netbeans-parent Low Vendor pom parent-groupid org.apache.netbeans Medium Product central artifactid AbsoluteLayout Highest Product file name AbsoluteLayout-RELEASE290 High Product jar package name awtextra Low Product jar package name lib Low Product Manifest netbeans-own-library true Low Product pom artifactid AbsoluteLayout Highest Product pom groupid org.netbeans.external Highest Product pom name Maven definition for AbsoluteLayout.jar - external part of NetBeans module. High Product pom parent-artifactid netbeans-parent Medium Product pom parent-groupid org.apache.netbeans Medium Version central version RELEASE290 Highest Version pom parent-version RELEASE290 Low Version pom version RELEASE290 Highest
pkg:maven/org.netbeans.external/AbsoluteLayout@RELEASE290 (Confidence :High) bcpkix-jdk15on-1.70.jarDescription:
The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. License:
Bouncy Castle Licence: https://www.bouncycastle.org/licence.html File Path: /lib/bcpkix-jdk15on-1.70.jar
MD5: 2c383f50d41937eae4fd32c35d8668cd
SHA1: f81e5af49571a9d5a109a88f239a73ce87055417
SHA256: e5b9cb821df57f70b0593358e89c0e8d7266515da9d088af6c646f63d433c07c
Evidence Type Source Name Value Confidence Vendor central artifactid bcpkix-jdk15on Highest Vendor central groupid org.bouncycastle Highest Vendor file name bcpkix-jdk15on High Vendor jar package name bouncycastle Highest Vendor jar package name bouncycastle Low Vendor jar package name pkix Highest Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle PKIX API Medium Vendor Manifest automatic-module-name org.bouncycastle.pkix Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bcpkix Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bcpkix Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.292-b10 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Vendor pom artifactid bcpkix-jdk15on Low Vendor pom developer email [email protected] Low Vendor pom developer id feedback-crypto Medium Vendor pom developer name The Legion of the Bouncy Castle Inc. Medium Vendor pom groupid org.bouncycastle Highest Vendor pom name Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs High Vendor pom url https://www.bouncycastle.org/java.html Highest Product central artifactid bcpkix-jdk15on Highest Product file name bcpkix-jdk15on High Product jar package name bouncycastle Highest Product jar package name pkix Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle PKIX API Medium Product Manifest automatic-module-name org.bouncycastle.pkix Medium Product Manifest Bundle-Name bcpkix Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bcpkix Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bcpkix Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.292-b10 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Product pom artifactid bcpkix-jdk15on Highest Product pom developer email [email protected] Low Product pom developer id feedback-crypto Low Product pom developer name The Legion of the Bouncy Castle Inc. Low Product pom groupid org.bouncycastle Highest Product pom name Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs High Product pom url https://www.bouncycastle.org/java.html Medium Version central version 1.70 Highest Version file version 1.70 High Version Manifest Bundle-Version 1.70 High Version pom version 1.70 Highest
bcprov-jdk15on-1.70.jarDescription:
The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 and up. License:
Bouncy Castle Licence: https://www.bouncycastle.org/licence.html File Path: /lib/bcprov-jdk15on-1.70.jar
MD5: 1809d0449a6374279c01fdd3be26cd92
SHA1: 4636a0d01f74acaf28082fb62b317f1080118371
SHA256: 8f3c20e3e2d565d26f33e8d4857a37d0d7f8ac39b62a7026496fcab1bdac30d4
Evidence Type Source Name Value Confidence Vendor central artifactid bcprov-jdk15on Highest Vendor central groupid org.bouncycastle Highest Vendor file name bcprov-jdk15on High Vendor jar package name bouncycastle Highest Vendor jar package name bouncycastle Low Vendor jar package name org Highest Vendor jar package name provider Highest Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle Provider Medium Vendor Manifest automatic-module-name org.bouncycastle.provider Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bcprov Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bcprovider Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.292-b10 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Vendor pom artifactid bcprov-jdk15on Low Vendor pom developer email [email protected] Low Vendor pom developer id feedback-crypto Medium Vendor pom developer name The Legion of the Bouncy Castle Inc. Medium Vendor pom groupid org.bouncycastle Highest Vendor pom name Bouncy Castle Provider High Vendor pom url https://www.bouncycastle.org/java.html Highest Product central artifactid bcprov-jdk15on Highest Product file name bcprov-jdk15on High Product hint analyzer product legion-of-the-bouncy-castle-java-crytography-api High Product hint analyzer product the_bouncy_castle_crypto_package_for_java High Product jar package name bouncycastle Highest Product jar package name org Highest Product jar package name provider Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle Provider Medium Product Manifest automatic-module-name org.bouncycastle.provider Medium Product Manifest Bundle-Name bcprov Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bcprov Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bcprovider Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.292-b10 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Product pom artifactid bcprov-jdk15on Highest Product pom developer email [email protected] Low Product pom developer id feedback-crypto Low Product pom developer name The Legion of the Bouncy Castle Inc. Low Product pom groupid org.bouncycastle Highest Product pom name Bouncy Castle Provider High Product pom url https://www.bouncycastle.org/java.html Medium Version central version 1.70 Highest Version file version 1.70 High Version Manifest Bundle-Version 1.70 High Version pom version 1.70 Highest
pkg:maven/org.bouncycastle/[email protected] (Confidence :High) cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:bouncycastle:bouncy_castle_crypto_package:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.70:*:*:*:*:*:*:* (Confidence :Highest) suppress cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress cpe:2.3:a:bouncycastle:the_bouncy_castle_crypto_package_for_java:1.70:*:*:*:*:*:*:* (Confidence :Low) suppress bcutil-jdk15on-1.70.jarDescription:
The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls. This jar contains APIs for JDK 1.5 and up. License:
Bouncy Castle Licence: https://www.bouncycastle.org/licence.html File Path: /lib/bcutil-jdk15on-1.70.jar
MD5: 805173dfb0891331dbe69d0e53371af4
SHA1: 54280e7195a7430d7911ded93fc01e07300b9526
SHA256: 52dc5551b0257666526c5095424567fed7dc7b00d2b1ba7bd52298411112b1d0
Evidence Type Source Name Value Confidence Vendor central artifactid bcutil-jdk15on Highest Vendor central groupid org.bouncycastle Highest Vendor file name bcutil-jdk15on High Vendor jar package name asn1 Low Vendor jar package name bouncycastle Highest Vendor jar package name bouncycastle Low Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle Utility APIs Medium Vendor Manifest automatic-module-name org.bouncycastle.util Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bcutil Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bcutil Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.292-b10 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Vendor pom artifactid bcutil-jdk15on Low Vendor pom developer email [email protected] Low Vendor pom developer id feedback-crypto Medium Vendor pom developer name The Legion of the Bouncy Castle Inc. Medium Vendor pom groupid org.bouncycastle Highest Vendor pom name Bouncy Castle ASN.1 Extension and Utility APIs High Vendor pom url https://www.bouncycastle.org/java.html Highest Product central artifactid bcutil-jdk15on Highest Product file name bcutil-jdk15on High Product jar package name asn1 Low Product jar package name bouncycastle Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle Utility APIs Medium Product Manifest automatic-module-name org.bouncycastle.util Medium Product Manifest Bundle-Name bcutil Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bcutil Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bcutil Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.292-b10 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Product pom artifactid bcutil-jdk15on Highest Product pom developer email [email protected] Low Product pom developer id feedback-crypto Low Product pom developer name The Legion of the Bouncy Castle Inc. Low Product pom groupid org.bouncycastle Highest Product pom name Bouncy Castle ASN.1 Extension and Utility APIs High Product pom url https://www.bouncycastle.org/java.html Medium Version central version 1.70 Highest Version file version 1.70 High Version Manifest Bundle-Version 1.70 High Version pom version 1.70 Highest
flatlaf-3.7.jarFile Path: /lib/flatlaf-3.7.jarMD5: ea286e4c313b3ca4265d71c4f56e752aSHA1: 2075e33a20115d89ef20d1cb21179991c4f122d6SHA256: 1dc4f08cc0e01122f5bc6cebe1dcf253872c1fe8126208f43dab314d7deb0da2
Evidence Type Source Name Value Confidence Vendor file name flatlaf High Vendor jar package name flatlaf Low Vendor jar package name formdev Highest Vendor jar package name formdev Low Vendor jar package name ui Low Vendor Manifest implementation-copyright Copyright (C) 2019-2025 FormDev Software GmbH. All rights reserved. Low Vendor Manifest Implementation-Vendor FormDev Software GmbH High Vendor Manifest multi-release true Low Product file name flatlaf High Product jar package name flatlaf Low Product jar package name formdev Highest Product jar package name ui Low Product Manifest implementation-copyright Copyright (C) 2019-2025 FormDev Software GmbH. All rights reserved. Low Product Manifest multi-release true Low Version file version 3.7 High Version Manifest Implementation-Version 3.7 High
flatlaf-3.7.jar: flatlaf-windows-arm64.dllFile Path: /lib/flatlaf-3.7.jar\com\formdev\flatlaf\natives\flatlaf-windows-arm64.dllMD5: 539977161f734b0e32d9bbcbb1be1907SHA1: 682023c13747eb307a6e29925516b58a033c9fa4SHA256: 32883ece91a12387628bb89531eca58edbdd50a639d2d4958b1d4c2b1f110145
Evidence Type Source Name Value Confidence Vendor file name flatlaf-windows-arm64 High Product file name flatlaf-windows-arm64 High Version file name flatlaf-windows-arm64 Medium Version file version 64 Medium
flatlaf-3.7.jar: flatlaf-windows-x86.dllFile Path: /lib/flatlaf-3.7.jar\com\formdev\flatlaf\natives\flatlaf-windows-x86.dllMD5: 5f4db62faca59800d2345c851fb90e00SHA1: 3f1c08d282170d89aa575555c66353508267192bSHA256: 6c45d8f52e62e4859b31a3e5dbe3afa70e0471146d6f130f5b4b78a6262f162e
Evidence Type Source Name Value Confidence Vendor file name flatlaf-windows-x86 High Product file name flatlaf-windows-x86 High Version file name flatlaf-windows-x86 Medium Version file version 86 Medium
flatlaf-3.7.jar: flatlaf-windows-x86_64.dllFile Path: /lib/flatlaf-3.7.jar\com\formdev\flatlaf\natives\flatlaf-windows-x86_64.dllMD5: e200ab2783cc152b78cbdb9346eddb08SHA1: 7b612077e66087b91c7dadf47daa702d968f6b02SHA256: 390ed515d10c94bb91e30012d4ef5545f9ebf5fc20c5c5c9c28b8ea16bf4af60
Evidence Type Source Name Value Confidence Vendor file name flatlaf-windows-x86_64 High Product file name flatlaf-windows-x86_64 High
json-20251224.jarDescription:
JSON is a light-weight, language independent, data interchange format.
See http://www.JSON.org/
The files in this package implement JSON encoders/decoders in Java.
It also includes the capability to convert between JSON and XML, HTTP
headers, Cookies, and CDL.
This is a reference implementation. There are a large number of JSON packages
in Java. Perhaps someday the Java community will standardize on one. Until
then, choose carefully.
License:
Public Domain: https://github.com/stleary/JSON-java/blob/master/LICENSE File Path: /lib/json-20251224.jar
MD5: fec4b08b6ae3b07aa34ff719ee7a5cc3
SHA1: 758adfe5ff5c3cc286d62c9d097cbca84f870536
SHA256: 2a3438fbf9293174ea82bdfa35e83d8b965cfe6bddc034a1ac5d60107174c209
Evidence Type Source Name Value Confidence Vendor file name json-20251224 High Vendor jar package name cdl Highest Vendor jar package name http Highest Vendor jar package name json Highest Vendor jar package name xml Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-symbolicname json Medium Vendor Manifest multi-release true Low Vendor pom artifactid json Low Vendor pom developer email [email protected] Low Vendor pom developer name Douglas Crockford Medium Vendor pom groupid org.json Highest Vendor pom name JSON in Java High Vendor pom url douglascrockford/JSON-java Highest Product file name json-20251224 High Product jar package name cdl Highest Product jar package name http Highest Product jar package name json Highest Product jar package name xml Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Bundle-Name JSON in Java Medium Product Manifest bundle-symbolicname json Medium Product Manifest multi-release true Low Product pom artifactid json Highest Product pom developer email [email protected] Low Product pom developer name Douglas Crockford Low Product pom groupid org.json Highest Product pom name JSON in Java High Product pom url douglascrockford/JSON-java High Version file version 20251224 Medium Version pom version 20251224 Highest
pkg:maven/org.json/json@20251224 (Confidence :High) logback-core-1.5.32.jarDescription:
logback-core module License:
https://www.eclipse.org/legal/epl-v20.html, https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html File Path: /lib/logback-core-1.5.32.jar
MD5: 053d4a28d6ba4c9b6247c6fd859ca64f
SHA1: fdfb3ff9a842303d4a95207294a6c6bc64e2605d
SHA256: 6a904d5778d0e361a9692f9cbe68b1b0620ae0f3eda2ec2ed09102755bf036c4
Evidence Type Source Name Value Confidence Vendor file name logback-core High Vendor jar package name ch Highest Vendor jar package name core Highest Vendor jar package name logback Highest Vendor jar package name qos Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://www.qos.ch Low Vendor Manifest bundle-symbolicname ch.qos.logback.core Medium Vendor Manifest Implementation-Vendor QOS.ch High Vendor Manifest multi-release true Low Vendor Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Vendor Manifest specification-vendor QOS.ch Low Vendor pom artifactid logback-core Low Vendor pom groupid ch.qos.logback Highest Vendor pom name Logback Core Module High Vendor pom parent-artifactid logback-parent Low Product file name logback-core High Product jar package name 21 Highest Product jar package name ch Highest Product jar package name core Highest Product jar package name logback Highest Product jar package name qos Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://www.qos.ch Low Product Manifest Bundle-Name Logback Core Module Medium Product Manifest bundle-symbolicname ch.qos.logback.core Medium Product Manifest Implementation-Title Logback Core Module High Product Manifest multi-release true Low Product Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Product Manifest specification-title Logback Core Module Medium Product pom artifactid logback-core Highest Product pom groupid ch.qos.logback Highest Product pom name Logback Core Module High Product pom parent-artifactid logback-parent Medium Version file version 1.5.32 High Version Manifest Bundle-Version 1.5.32 High Version Manifest Implementation-Version 1.5.32 High Version pom version 1.5.32 Highest
Related Dependencies logback-classic-1.5.32.jarFile Path: /lib/logback-classic-1.5.32.jar MD5: cc1b628dcb1f44089d0decf8a4cf9009 SHA1: 2b1042c50f508f2eb402bd4d22ccbdf94cc37d2e SHA256: 2d4cf592db78be2de4d6140434c2fec170dcb16a09e8c8b7b207dbf5e31b848a pkg:maven/ch.qos.logback/[email protected] slf4j-api-2.0.17.jarDescription:
The slf4j API License:
https://opensource.org/license/mit File Path: /lib/slf4j-api-2.0.17.jar
MD5: b6480d114a23683498ac3f746f959d2f
SHA1: d9e58ac9c7779ba3bf8142aff6c830617a7fe60f
SHA256: 7b751d952061954d5abfed7181c1f645d336091b679891591d63329c622eb832
Evidence Type Source Name Value Confidence Vendor file name slf4j-api High Vendor jar package name slf4j Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://www.slf4j.org Low Vendor Manifest bundle-symbolicname slf4j.api Medium Vendor Manifest multi-release true Low Vendor pom artifactid slf4j-api Low Vendor pom groupid org.slf4j Highest Vendor pom name SLF4J API Module High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name slf4j-api High Product jar package name slf4j Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://www.slf4j.org Low Product Manifest Bundle-Name SLF4J API Module Medium Product Manifest bundle-symbolicname slf4j.api Medium Product Manifest Implementation-Title slf4j-api High Product Manifest multi-release true Low Product pom artifactid slf4j-api Highest Product pom groupid org.slf4j Highest Product pom name SLF4J API Module High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 2.0.17 High Version Manifest Bundle-Version 2.0.17 High Version Manifest Implementation-Version 2.0.17 High Version pom version 2.0.17 Highest
sqlite-jdbc-3.51.2.0.jarDescription:
SQLite JDBC library with encryption and authentication support License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /lib/sqlite-jdbc-3.51.2.0.jar
MD5: 699db0483b78020e8cfb2a852bcda04c
SHA1: 2e92638ee101ba443135088b41f67efb5dc02952
SHA256: 6a0c7746a191e375693c6cbbbd3f368c71e50faa087585bfe06db80e1bc7ad16
Evidence Type Source Name Value Confidence Vendor file name sqlite-jdbc High Vendor jar package name jdbc Highest Vendor jar package name sqlite Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-symbolicname io.github.willena.sqlite-jdbc;singleton:=true Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Vendor pom artifactid sqlite-jdbc Low Vendor pom developer email [email protected] Low Vendor pom developer id Willena Medium Vendor pom developer name Guillaume Villena Medium Vendor pom developer org Guillaume's projects Medium Vendor pom groupid io.github.willena Highest Vendor pom name SQLite JDBC High Vendor pom url Willena/sqlite-jdbc-crypt Highest Product file name sqlite-jdbc High Product jar package name 9 Highest Product jar package name jdbc Highest Product jar package name sqlite Highest Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name SQLite JDBC Medium Product Manifest bundle-symbolicname io.github.willena.sqlite-jdbc;singleton:=true Medium Product Manifest multi-release true Low Product Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Product pom artifactid sqlite-jdbc Highest Product pom developer email [email protected] Low Product pom developer id Willena Low Product pom developer name Guillaume Villena Low Product pom developer org Guillaume's projects Low Product pom groupid io.github.willena Highest Product pom name SQLite JDBC High Product pom url Willena/sqlite-jdbc-crypt High Version file version 3.51.2.0 High Version Manifest Bundle-Version 3.51.2.0 High Version pom version 3.51.2.0 Highest
sqlite-jdbc-3.51.2.0.jar: sqlitejdbc.dllFile Path: /lib/sqlite-jdbc-3.51.2.0.jar\org\sqlite\native\Windows\aarch64\sqlitejdbc.dllMD5: 851535821336e8858553b984b793297cSHA1: ad4dba5d676c0a0e6c3e4acd2bfc241e5a083833SHA256: f973dc1ade4540dfac185cb44db5dd7ea7e512b66c93c9c810dd6ea010d22112
Evidence Type Source Name Value Confidence Vendor file name sqlitejdbc High Product file name sqlitejdbc High
sqlite-jdbc-3.51.2.0.jar: sqlitejdbc.dllFile Path: /lib/sqlite-jdbc-3.51.2.0.jar\org\sqlite\native\Windows\armv7\sqlitejdbc.dllMD5: f28651ad5592eb206d1982cf1d0e008fSHA1: ed21517fc7ca2a858f3646d7992d6211be308079SHA256: eb773346a2c2b2f868fbba10af1bd410cc4e8c84cb4fc03b2598f3805fd5bc2b
Evidence Type Source Name Value Confidence Vendor file name sqlitejdbc High Product file name sqlitejdbc High
sqlite-jdbc-3.51.2.0.jar: sqlitejdbc.dllFile Path: /lib/sqlite-jdbc-3.51.2.0.jar\org\sqlite\native\Windows\x86\sqlitejdbc.dllMD5: 4b55aaa94544b44c2e17c4df5c24b10eSHA1: 856c4b9f7d8581a0aa5fd6a6d216c7e9d63a8e3aSHA256: f37a164db40653f628ee18b583dc1906f59f3557b90a8fccac5ea9dc5f953f13
Evidence Type Source Name Value Confidence Vendor file name sqlitejdbc High Product file name sqlitejdbc High
sqlite-jdbc-3.51.2.0.jar: sqlitejdbc.dllFile Path: /lib/sqlite-jdbc-3.51.2.0.jar\org\sqlite\native\Windows\x86_64\sqlitejdbc.dllMD5: 5dacb237a7fe3659200f7b4ae1c35b37SHA1: 387bd97099893ab6695c7fa7111d167eab291971SHA256: 3776f07b9585ad9905328eca945b18a6d70f26b04d6fd88c42e4a35b29f4e018
Evidence Type Source Name Value Confidence Vendor file name sqlitejdbc High Product file name sqlitejdbc High
sshd-core-2.17.1.jarFile Path: /lib/sshd-core-2.17.1.jarMD5: c059821a65212df7ffad96bbfca4f3c2SHA1: 02582f7b736365e3cbe70bcf90f12ac99d7d7a29SHA256: b30769bbc053da28949ed1404abed546598ccf3de9100945b627f5b3a0fe003c
Evidence Type Source Name Value Confidence Vendor file name sshd-core High Vendor jar package name apache Highest Vendor jar package name core Highest Vendor jar package name sshd Highest Vendor Manifest automatic-module-name org.apache.sshd.core Medium Vendor Manifest build-jdk-spec 21 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid sshd-core Low Vendor pom groupid org.apache.sshd Highest Vendor pom name Apache Mina SSHD :: Core High Vendor pom parent-artifactid sshd Low Product file name sshd-core High Product jar package name apache Highest Product jar package name core Highest Product jar package name sshd Highest Product Manifest automatic-module-name org.apache.sshd.core Medium Product Manifest build-jdk-spec 21 Low Product Manifest Implementation-Title Apache Mina SSHD :: Core High Product Manifest specification-title Apache Mina SSHD :: Core Medium Product pom artifactid sshd-core Highest Product pom groupid org.apache.sshd Highest Product pom name Apache Mina SSHD :: Core High Product pom parent-artifactid sshd Medium Version file version 2.17.1 High Version Manifest Implementation-Version 2.17.1 High Version pom version 2.17.1 Highest
Related Dependencies sshd-common-2.17.1.jarFile Path: /lib/sshd-common-2.17.1.jar MD5: f7767cbac0f8dc36cff471d264330636 SHA1: 5c8ce7fcea1f8068b36c00a98714bb695f5935dd SHA256: 4be43cffd261eb8138da20f87bd2d5609022df85b67bf8329cee2db488c0a1a4 pkg:maven/org.apache.sshd/[email protected] sshd-scp-2.17.1.jarFile Path: /lib/sshd-scp-2.17.1.jar MD5: 791e035e4753ed7d9d983287c857217d SHA1: d002acc91320fd4c8456d23a42fdc62bf9dce943 SHA256: 514de8a4df96f32e6b94c0eb59c6f3770bb787980bebc8bd1c27cc95031e6a78 pkg:maven/org.apache.sshd/[email protected] sshd-sftp-2.17.1.jarFile Path: /lib/sshd-sftp-2.17.1.jar MD5: d8d1d37b5487d4229326afc66df58374 SHA1: 91085ab6f205ad68007a8034e58d46a82a0d126e SHA256: 84727e3ac45458e1efde1058269964e2526aa3d520584870ba007adb20534b3c pkg:maven/org.apache.sshd/[email protected] Suppressed Vulnerabilities bcpkix-jdk15on-1.70.jar Description:
The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. License:
Bouncy Castle Licence: https://www.bouncycastle.org/licence.html File Path: /lib/bcpkix-jdk15on-1.70.jar
MD5: 2c383f50d41937eae4fd32c35d8668cd
SHA1: f81e5af49571a9d5a109a88f239a73ce87055417
SHA256: e5b9cb821df57f70b0593358e89c0e8d7266515da9d088af6c646f63d433c07c
Evidence Type Source Name Value Confidence Vendor central artifactid bcpkix-jdk15on Highest Vendor central groupid org.bouncycastle Highest Vendor file name bcpkix-jdk15on High Vendor jar package name bouncycastle Highest Vendor jar package name bouncycastle Low Vendor jar package name pkix Highest Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle PKIX API Medium Vendor Manifest automatic-module-name org.bouncycastle.pkix Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bcpkix Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bcpkix Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.292-b10 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Vendor pom artifactid bcpkix-jdk15on Low Vendor pom developer email [email protected] Low Vendor pom developer id feedback-crypto Medium Vendor pom developer name The Legion of the Bouncy Castle Inc. Medium Vendor pom groupid org.bouncycastle Highest Vendor pom name Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs High Vendor pom url https://www.bouncycastle.org/java.html Highest Product central artifactid bcpkix-jdk15on Highest Product file name bcpkix-jdk15on High Product jar package name bouncycastle Highest Product jar package name pkix Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle PKIX API Medium Product Manifest automatic-module-name org.bouncycastle.pkix Medium Product Manifest Bundle-Name bcpkix Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bcpkix Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bcpkix Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.292-b10 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Product pom artifactid bcpkix-jdk15on Highest Product pom developer email [email protected] Low Product pom developer id feedback-crypto Low Product pom developer name The Legion of the Bouncy Castle Inc. Low Product pom groupid org.bouncycastle Highest Product pom name Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs High Product pom url https://www.bouncycastle.org/java.html Medium Version central version 1.70 Highest Version file version 1.70 High Version Manifest Bundle-Version 1.70 High Version pom version 1.70 Highest
CVE-2023-33202 suppressed
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.) CWE-400 Uncontrolled Resource Consumption
CVSSv3:
MEDIUM (5.5) CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
bcprov-jdk15on-1.70.jar Description:
The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 and up. License:
Bouncy Castle Licence: https://www.bouncycastle.org/licence.html File Path: /lib/bcprov-jdk15on-1.70.jar
MD5: 1809d0449a6374279c01fdd3be26cd92
SHA1: 4636a0d01f74acaf28082fb62b317f1080118371
SHA256: 8f3c20e3e2d565d26f33e8d4857a37d0d7f8ac39b62a7026496fcab1bdac30d4
Evidence Type Source Name Value Confidence Vendor central artifactid bcprov-jdk15on Highest Vendor central groupid org.bouncycastle Highest Vendor file name bcprov-jdk15on High Vendor jar package name bouncycastle Highest Vendor jar package name bouncycastle Low Vendor jar package name org Highest Vendor jar package name provider Highest Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle Provider Medium Vendor Manifest automatic-module-name org.bouncycastle.provider Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bcprov Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bcprovider Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.292-b10 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Vendor pom artifactid bcprov-jdk15on Low Vendor pom developer email [email protected] Low Vendor pom developer id feedback-crypto Medium Vendor pom developer name The Legion of the Bouncy Castle Inc. Medium Vendor pom groupid org.bouncycastle Highest Vendor pom name Bouncy Castle Provider High Vendor pom url https://www.bouncycastle.org/java.html Highest Product central artifactid bcprov-jdk15on Highest Product file name bcprov-jdk15on High Product hint analyzer product legion-of-the-bouncy-castle-java-crytography-api High Product hint analyzer product the_bouncy_castle_crypto_package_for_java High Product jar package name bouncycastle Highest Product jar package name org Highest Product jar package name provider Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle Provider Medium Product Manifest automatic-module-name org.bouncycastle.provider Medium Product Manifest Bundle-Name bcprov Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bcprov Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bcprovider Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.292-b10 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Product pom artifactid bcprov-jdk15on Highest Product pom developer email [email protected] Low Product pom developer id feedback-crypto Low Product pom developer name The Legion of the Bouncy Castle Inc. Low Product pom groupid org.bouncycastle Highest Product pom name Bouncy Castle Provider High Product pom url https://www.bouncycastle.org/java.html Medium Version central version 1.70 Highest Version file version 1.70 High Version Manifest Bundle-Version 1.70 High Version pom version 1.70 Highest
CVE-2023-33202 suppressed
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.) CWE-400 Uncontrolled Resource Consumption
CVSSv3:
MEDIUM (5.5) CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
bcutil-jdk15on-1.70.jar Description:
The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls. This jar contains APIs for JDK 1.5 and up. License:
Bouncy Castle Licence: https://www.bouncycastle.org/licence.html File Path: /lib/bcutil-jdk15on-1.70.jar
MD5: 805173dfb0891331dbe69d0e53371af4
SHA1: 54280e7195a7430d7911ded93fc01e07300b9526
SHA256: 52dc5551b0257666526c5095424567fed7dc7b00d2b1ba7bd52298411112b1d0
Evidence Type Source Name Value Confidence Vendor central artifactid bcutil-jdk15on Highest Vendor central groupid org.bouncycastle Highest Vendor file name bcutil-jdk15on High Vendor jar package name asn1 Low Vendor jar package name bouncycastle Highest Vendor jar package name bouncycastle Low Vendor Manifest application-library-allowable-codebase * Low Vendor Manifest application-name Bouncy Castle Utility APIs Medium Vendor Manifest automatic-module-name org.bouncycastle.util Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest bundle-symbolicname bcutil Medium Vendor Manifest caller-allowable-codebase * Low Vendor Manifest codebase * Low Vendor Manifest extension-name org.bouncycastle.bcutil Medium Vendor Manifest Implementation-Vendor BouncyCastle.org High Vendor Manifest Implementation-Vendor-Id org.bouncycastle Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by 25.292-b10 (Private Build) Low Vendor Manifest permissions all-permissions Low Vendor Manifest specification-vendor BouncyCastle.org Low Vendor Manifest trusted-library true Low Vendor pom artifactid bcutil-jdk15on Low Vendor pom developer email [email protected] Low Vendor pom developer id feedback-crypto Medium Vendor pom developer name The Legion of the Bouncy Castle Inc. Medium Vendor pom groupid org.bouncycastle Highest Vendor pom name Bouncy Castle ASN.1 Extension and Utility APIs High Vendor pom url https://www.bouncycastle.org/java.html Highest Product central artifactid bcutil-jdk15on Highest Product file name bcutil-jdk15on High Product jar package name asn1 Low Product jar package name bouncycastle Highest Product Manifest application-library-allowable-codebase * Low Product Manifest application-name Bouncy Castle Utility APIs Medium Product Manifest automatic-module-name org.bouncycastle.util Medium Product Manifest Bundle-Name bcutil Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest bundle-symbolicname bcutil Medium Product Manifest caller-allowable-codebase * Low Product Manifest codebase * Low Product Manifest extension-name org.bouncycastle.bcutil Medium Product Manifest multi-release true Low Product Manifest originally-created-by 25.292-b10 (Private Build) Low Product Manifest permissions all-permissions Low Product Manifest trusted-library true Low Product pom artifactid bcutil-jdk15on Highest Product pom developer email [email protected] Low Product pom developer id feedback-crypto Low Product pom developer name The Legion of the Bouncy Castle Inc. Low Product pom groupid org.bouncycastle Highest Product pom name Bouncy Castle ASN.1 Extension and Utility APIs High Product pom url https://www.bouncycastle.org/java.html Medium Version central version 1.70 Highest Version file version 1.70 High Version Manifest Bundle-Version 1.70 High Version pom version 1.70 Highest
CVE-2023-33202 suppressed
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.) CWE-400 Uncontrolled Resource Consumption
CVSSv3:
MEDIUM (5.5) CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )