Press CTR-C to copy XML [help]


Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

 Sponsor

Project: Planmonitor Wonen API

nl.b3p.pmw:planmonitor-wonen-api:1.2.3-SNAPSHOT

Scan Information (show all):

Summary

Summary of Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
GeographicLib-Java-1.49.jarpkg:maven/net.sf.geographiclib/GeographicLib-Java@1.49 032
HdrHistogram-2.2.2.jarpkg:maven/org.hdrhistogram/HdrHistogram@2.2.2 025
HikariCP-6.3.2.jarpkg:maven/com.zaxxer/HikariCP@6.3.2 037
LatencyUtils-2.0.3.jarcpe:2.3:a:utils_project:utils:2.0.3:*:*:*:*:*:*:*pkg:maven/org.latencyutils/LatencyUtils@2.0.3 0Highest20
accessors-smart-2.5.2.jarpkg:maven/net.minidev/accessors-smart@2.5.2 043
apiguardian-api-1.1.2.jarpkg:maven/org.apiguardian/apiguardian-api@1.1.2 040
asm-9.7.1.jarpkg:maven/org.ow2.asm/asm@9.7.1 054
aspectjweaver-1.9.24.jarpkg:maven/org.aspectj/aspectjweaver@1.9.24 049
checker-qual-3.49.3.jarpkg:maven/org.checkerframework/checker-qual@3.49.3 044
commons-codec-1.18.0.jarpkg:maven/commons-codec/commons-codec@1.18.0 0121
commons-collections4-4.4.jarcpe:2.3:a:apache:commons_collections:4.4:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-collections4@4.4 0Highest105
commons-io-2.19.0.jarcpe:2.3:a:apache:commons_io:2.19.0:*:*:*:*:*:*:*pkg:maven/commons-io/commons-io@2.19.0 0Highest125
commons-jxpath-1.3.jarcpe:2.3:a:apache:commons_jxpath:1.3:*:*:*:*:*:*:*pkg:maven/commons-jxpath/commons-jxpath@1.3CRITICAL3Highest58
commons-lang3-3.18.0.jarcpe:2.3:a:apache:commons_lang:3.18.0:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-lang3@3.18.0 0Highest145
commons-pool-1.6.jarpkg:maven/commons-pool/commons-pool@1.6 075
commons-text-1.13.0.jarcpe:2.3:a:apache:commons_text:1.13.0:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-text@1.13.0 0Highest73
content-type-2.2.jarpkg:maven/com.nimbusds/content-type@2.2 045
ejml-core-0.41.jarpkg:maven/org.ejml/ejml-core@0.41 026
ejml-ddense-0.41.jarpkg:maven/org.ejml/ejml-ddense@0.41 028
flyway-core-11.7.2.jarpkg:maven/org.flywaydb/flyway-core@11.7.2 021
flyway-database-postgresql-11.7.2.jarpkg:maven/org.flywaydb/flyway-database-postgresql@11.7.2 021
gt-xml-33.2.jarcpe:2.3:a:geotools:geotools:33.2:*:*:*:*:*:*:*
cpe:2.3:a:xml_library_project:xml_library:33.2:*:*:*:*:*:*:*		pkg:maven/org.geotools/gt-xml@33.2 0Highest40
gt-xsd-core-33.2.jarcpe:2.3:a:geotools:geotools:33.2:*:*:*:*:*:*:*pkg:maven/org.geotools.xsd/gt-xsd-core@33.2 0Highest44
hsqldb-2.7.3.jarcpe:2.3:a:hsqldb:hypersql_database:2.7.3:*:*:*:*:*:*:*pkg:maven/org.hsqldb/hsqldb@2.7.3 0Low45
httpclient-4.5.14.jarcpe:2.3:a:apache:httpclient:4.5.14:*:*:*:*:*:*:*pkg:maven/org.apache.httpcomponents/httpclient@4.5.14 0Highest32
httpcore-4.4.16.jarpkg:maven/org.apache.httpcomponents/httpcore@4.4.16 032
indriya-2.2.jarpkg:maven/tech.units/indriya@2.2 085
jackson-core-2.19.2.jarcpe:2.3:a:fasterxml:jackson-modules-java8:2.19.2:*:*:*:*:*:*:*pkg:maven/com.fasterxml.jackson.core/jackson-core@2.19.2 0Low47
jackson-databind-2.19.2.jarcpe:2.3:a:fasterxml:jackson-databind:2.19.2:*:*:*:*:*:*:*
cpe:2.3:a:fasterxml:jackson-modules-java8:2.19.2:*:*:*:*:*:*:*		pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.19.2 0Highest41
jackson-dataformat-toml-2.19.2.jarcpe:2.3:a:fasterxml:jackson-dataformat-xml:2.19.2:*:*:*:*:*:*:*pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-toml@2.19.2 0Highest39
jai_core-1.1.3.jarpkg:maven/javax.media/jai_core@1.1.3 024
jakarta.annotation-api-2.1.1.jarcpe:2.3:a:oracle:projects:2.1.1:*:*:*:*:*:*:*pkg:maven/jakarta.annotation/jakarta.annotation-api@2.1.1 0Low42
jakarta.inject-api-2.0.1.jarpkg:maven/jakarta.inject/jakarta.inject-api@2.0.1 056
jcip-annotations-1.0-1.jarpkg:maven/com.github.stephenc.jcip/jcip-annotations@1.0-1 025
jgridshift-core-1.3.jarpkg:maven/it.geosolutions.jgridshift/jgridshift-core@1.3 019
json-smart-2.5.2.jarcpe:2.3:a:json-smart_project:json-smart:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:json-smart_project:json-smart-v2:2.5.2:*:*:*:*:*:*:*		pkg:maven/net.minidev/json-smart@2.5.2 0Highest51
jts-core-1.20.0.jarpkg:maven/org.locationtech.jts/jts-core@1.20.0 024
jul-to-slf4j-2.0.17.jarpkg:maven/org.slf4j/jul-to-slf4j@2.0.17 031
lang-tag-1.7.jarpkg:maven/com.nimbusds/lang-tag@1.7 047
log4j-api-2.24.3.jarcpe:2.3:a:apache:log4j:2.24.3:*:*:*:*:*:*:*pkg:maven/org.apache.logging.log4j/log4j-api@2.24.3 0Highest41
log4j-to-slf4j-2.24.3.jarpkg:maven/org.apache.logging.log4j/log4j-to-slf4j@2.24.3 037
logback-core-1.5.18.jarcpe:2.3:a:qos:logback:1.5.18:*:*:*:*:*:*:*pkg:maven/ch.qos.logback/logback-core@1.5.18 0Highest39
micrometer-commons-1.15.3.jarpkg:maven/io.micrometer/micrometer-commons@1.15.3 065
micrometer-core-1.15.3.jarpkg:maven/io.micrometer/micrometer-core@1.15.3 065
micrometer-jakarta9-1.15.3.jarpkg:maven/io.micrometer/micrometer-jakarta9@1.15.3 065
micrometer-observation-1.15.3.jarpkg:maven/io.micrometer/micrometer-observation@1.15.3 065
micrometer-registry-prometheus-1.15.3.jarcpe:2.3:a:prometheus:prometheus:1.15.3:*:*:*:*:*:*:*pkg:maven/io.micrometer/micrometer-registry-prometheus@1.15.3 0Highest63
modernizer-maven-annotations-3.2.0.jarpkg:maven/org.gaul/modernizer-maven-annotations@3.2.0 019
net.opengis.fes-33.2.jarcpe:2.3:a:geotools:geotools:33.2:*:*:*:*:*:*:*pkg:maven/org.geotools.ogc/net.opengis.fes@33.2 0Highest28
nimbus-jose-jwt-9.37.3.jar (shaded: com.google.code.gson:gson:2.10.1)cpe:2.3:a:google:gson:2.10.1:*:*:*:*:*:*:*pkg:maven/com.google.code.gson/gson@2.10.1MEDIUM1Highest9
nimbus-jose-jwt-9.37.3.jarcpe:2.3:a:connect2id:nimbus_jose\+jwt:9.37.3:*:*:*:*:*:*:*pkg:maven/com.nimbusds/nimbus-jose-jwt@9.37.3 0Highest52
oauth2-oidc-sdk-9.43.6.jarpkg:maven/com.nimbusds/oauth2-oidc-sdk@9.43.6 057
org.eclipse.emf.common-2.15.0.jarpkg:maven/org.eclipse.emf/org.eclipse.emf.common@2.15.0
pkg:maven/org.eclipse.emf/org.eclipse.emf.common@2.15.0-SNAPSHOT		 043
org.eclipse.emf.ecore-2.15.0.jarpkg:maven/org.eclipse.emf/org.eclipse.emf.ecore@2.15.0
pkg:maven/org.eclipse.emf/org.eclipse.emf.ecore@2.15.0-SNAPSHOT		 044
org.eclipse.emf.ecore.xmi-2.15.0.jarpkg:maven/org.eclipse.emf/org.eclipse.emf.ecore.xmi@2.15.0
pkg:maven/org.eclipse.emf/org.eclipse.emf.ecore.xmi@2.15.0-SNAPSHOT		MEDIUM143
org.eclipse.xsd-2.12.0.jarpkg:maven/org.eclipse.xsd/org.eclipse.xsd@2.12.0 035
org.w3.xlink-33.2.jarcpe:2.3:a:geotools:geotools:33.2:*:*:*:*:*:*:*pkg:maven/org.geotools.ogc/org.w3.xlink@33.2 0Highest29
picocontainer-1.2.jarpkg:maven/picocontainer/picocontainer@1.2 026
postgresql-42.7.7.jarcpe:2.3:a:postgresql:postgresql_jdbc_driver:42.7.7:*:*:*:*:*:*:*pkg:maven/org.postgresql/postgresql@42.7.7 0Low68
prometheus-metrics-config-1.3.10.jarpkg:maven/io.prometheus/prometheus-metrics-config@1.3.10 029
prometheus-metrics-core-1.3.10.jarpkg:maven/io.prometheus/prometheus-metrics-core@1.3.10 029
prometheus-metrics-exposition-formats-1.3.10.jarpkg:maven/io.prometheus/prometheus-metrics-exposition-formats@1.3.10 029
prometheus-metrics-exposition-textformats-1.3.10.jarpkg:maven/io.prometheus/prometheus-metrics-exposition-textformats@1.3.10 027
prometheus-metrics-model-1.3.10.jarpkg:maven/io.prometheus/prometheus-metrics-model@1.3.10 029
prometheus-metrics-tracer-common-1.3.10.jarpkg:maven/io.prometheus/prometheus-metrics-tracer-common@1.3.10 029
re2j-1.8.jarpkg:maven/com.google.re2j/re2j@1.8 028
si-quantity-2.1.jarpkg:maven/si.uom/si-quantity@2.1 024
si-units-2.1.jarpkg:maven/si.uom/si-units@2.1 033
slf4j-api-2.0.17.jarpkg:maven/org.slf4j/slf4j-api@2.0.17 029
snakeyaml-2.4.jarcpe:2.3:a:snakeyaml_project:snakeyaml:2.4:*:*:*:*:*:*:*pkg:maven/org.yaml/snakeyaml@2.4 0Highest42
spring-boot-3.5.5.jarcpe:2.3:a:vmware:spring_boot:3.5.5:*:*:*:*:*:*:*pkg:maven/org.springframework.boot/spring-boot@3.5.5 0Highest38
spring-boot-starter-web-3.5.5.jarcpe:2.3:a:vmware:spring_boot:3.5.5:*:*:*:*:*:*:*
cpe:2.3:a:web_project:web:3.5.5:*:*:*:*:*:*:*		pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.5 0Highest36
spring-core-6.2.10.jarcpe:2.3:a:pivotal_software:spring_framework:6.2.10:*:*:*:*:*:*:*
cpe:2.3:a:springsource:spring_framework:6.2.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:6.2.10:*:*:*:*:*:*:*		pkg:maven/org.springframework/spring-core@6.2.10 0Highest41
spring-security-core-6.5.3.jarcpe:2.3:a:pivotal_software:spring_security:6.5.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:6.5.3:*:*:*:*:*:*:*		pkg:maven/org.springframework.security/spring-security-core@6.5.3 0Highest38
spring-security-oauth2-core-6.5.3.jarcpe:2.3:a:pivotal:spring_security_oauth:6.5.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:6.5.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security_oauth:6.5.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:6.5.3:*:*:*:*:*:*:*		pkg:maven/org.springframework.security/spring-security-oauth2-core@6.5.3 0Highest40
spring-security-web-6.5.3.jarcpe:2.3:a:pivotal_software:spring_security:6.5.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:6.5.3:*:*:*:*:*:*:*
cpe:2.3:a:web_project:web:6.5.3:*:*:*:*:*:*:*		pkg:maven/org.springframework.security/spring-security-web@6.5.3 0Highest38
spring-security-web-6.5.3.jar: spring-security-webauthn.js 00
spring-session-core-3.5.2.jarcpe:2.3:a:vmware:spring_session:3.5.2:*:*:*:*:*:*:*pkg:maven/org.springframework.session/spring-session-core@3.5.2 0Highest36
spring-web-6.2.10.jarcpe:2.3:a:pivotal_software:spring_framework:6.2.10:*:*:*:*:*:*:*
cpe:2.3:a:springsource:spring_framework:6.2.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:6.2.10:*:*:*:*:*:*:*
cpe:2.3:a:web_project:web:6.2.10:*:*:*:*:*:*:*		pkg:maven/org.springframework/spring-web@6.2.10 0Highest35
systems-common-2.1.jarpkg:maven/systems.uom/systems-common@2.1 037
tomcat-embed-core-10.1.44.jarcpe:2.3:a:apache:tomcat:10.1.44:*:*:*:*:*:*:*
cpe:2.3:a:apache_tomcat:apache_tomcat:10.1.44:*:*:*:*:*:*:*		pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@10.1.44 0Highest63
tomcat-embed-el-10.1.44.jarpkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.44 033
unit-api-2.2.jarpkg:maven/javax.measure/unit-api@2.2 0109
uom-lib-common-2.2.jarpkg:maven/tech.uom.lib/uom-lib-common@2.2 043
xml-commons-resolver-1.2.jarpkg:maven/org.apache.xml/xml-commons-resolver@1.2 019

Dependencies (vulnerable)

GeographicLib-Java-1.49.jar

Description:

    This is a Java implementation of the geodesic algorithms from
    GeographicLib. This is a self-contained library which makes it
    easy to do geodesic computations for an ellipsoid of revolution in
    a Java program. It requires Java version 1.1 or later.

License:

The MIT License(MIT): http://opensource.org/licenses/MIT
File Path: /home/runner/.m2/repository/net/sf/geographiclib/GeographicLib-Java/1.49/GeographicLib-Java-1.49.jar
MD5: 5536ff35e4bb0b3262c6f62f43105ea4
SHA1: 7ff2164e69fa04e1ef2ca5079e1cee298a936ea1
SHA256:78c292f7e6910d51a15fc9088c301fac3b4c0a43ac5ae17499f5763b4dd9aca8
Referenced In Project/Scope: Planmonitor Wonen API:compile
GeographicLib-Java-1.49.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

Identifiers

HdrHistogram-2.2.2.jar

Description:

        HdrHistogram supports the recording and analyzing sampled data value
        counts across a configurable integer value range with configurable value
        precision within the range. Value precision is expressed as the number of
        significant digits in the value recording, and provides control over value
        quantization behavior across the value range and the subsequent value
        resolution at any given level.

License:

Public Domain, per Creative Commons CC0: http://creativecommons.org/publicdomain/zero/1.0/
BSD-2-Clause: https://opensource.org/licenses/BSD-2-Clause
File Path: /home/runner/.m2/repository/org/hdrhistogram/HdrHistogram/2.2.2/HdrHistogram-2.2.2.jar
MD5: 41f807bf0c681d6f692c408a6e217eaf
SHA1: 7959933ebcc0f05b2eaa5af0a0c8689fa257b15c
SHA256:22d1d4316c4ec13a68b559e98c8256d69071593731da96136640f864fa14fad8
Referenced In Project/Scope: Planmonitor Wonen API:runtime
HdrHistogram-2.2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.micrometer/micrometer-registry-prometheus@1.15.3

Identifiers

HikariCP-6.3.2.jar

Description:

Ultimate JDBC Connection Pool

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/zaxxer/HikariCP/6.3.2/HikariCP-6.3.2.jar
MD5: d8986ede5e09cfdd6f75bd7bbdbe9d9c
SHA1: 0d09ad7d252c2a8daaa99ed5f3b0d54f95b9b344
SHA256:6d3c1b8dc157f6a8525935cb3a3c56f8b2334a6d5c394552a50533ca3b9236bf
Referenced In Project/Scope: Planmonitor Wonen API:compile
HikariCP-6.3.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@3.5.5

Identifiers

LatencyUtils-2.0.3.jar

Description:

        LatencyUtils is a package that provides latency recording and reporting utilities.

License:

Public Domain, per Creative Commons CC0: http://creativecommons.org/publicdomain/zero/1.0/
File Path: /home/runner/.m2/repository/org/latencyutils/LatencyUtils/2.0.3/LatencyUtils-2.0.3.jar
MD5: 2ad12e1ef7614cecfb0483fa9ac6da73
SHA1: 769c0b82cb2421c8256300e907298a9410a2a3d3
SHA256:a32a9ffa06b2f4e01c5360f8f9df7bc5d9454a5d373cd8f361347fa5a57165ec
Referenced In Project/Scope: Planmonitor Wonen API:runtime
LatencyUtils-2.0.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.micrometer/micrometer-registry-prometheus@1.15.3

Identifiers

accessors-smart-2.5.2.jar

Description:

Java reflect give poor performance on getter setter an constructor calls, accessors-smart use ASM to speed up those calls.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/net/minidev/accessors-smart/2.5.2/accessors-smart-2.5.2.jar
MD5: 24191e0bb215c72902e89f46dde839e1
SHA1: ce16fd235cfee48e67eda33e684423bba09f7d07
SHA256:9b8a7bc43861d6156c021166d941fb7dddbe4463e2fa5ee88077e4b01452a836
Referenced In Project/Scope: Planmonitor Wonen API:compile
accessors-smart-2.5.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-test@3.5.5

Identifiers

apiguardian-api-1.1.2.jar

Description:

@API Guardian

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apiguardian/apiguardian-api/1.1.2/apiguardian-api-1.1.2.jar
MD5: 8c7de3f82037fa4a2e8be2a2f13092af
SHA1: a231e0d844d2721b0fa1b238006d15c6ded6842a
SHA256:b509448ac506d607319f182537f0b35d71007582ec741832a1f111e5b5b70b38
Referenced In Project/Scope: Planmonitor Wonen API:compile
apiguardian-api-1.1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-test@3.5.5

Identifiers

asm-9.7.1.jar

Description:

ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /home/runner/.m2/repository/org/ow2/asm/asm/9.7.1/asm-9.7.1.jar
MD5: e2cdd32d198ad31427d298eee9d39d8d
SHA1: f0ed132a49244b042cd0e15702ab9f2ce3cc8436
SHA256:8cadd43ac5eb6d09de05faecca38b917a040bb9139c7edeb4cc81c740b713281
Referenced In Project/Scope: Planmonitor Wonen API:compile
asm-9.7.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-test@3.5.5

Identifiers

aspectjweaver-1.9.24.jar

Description:

The AspectJ weaver applies aspects to Java classes. It can be used as a Java agent in order to apply load-time
		weaving (LTW) during class-loading and also contains the AspectJ runtime classes.

License:

Eclipse Public License - v 2.0: https://www.eclipse.org/org/documents/epl-2.0/EPL-2.0.txt
File Path: /home/runner/.m2/repository/org/aspectj/aspectjweaver/1.9.24/aspectjweaver-1.9.24.jar
MD5: d95bb9406a5351d45a02145777b9a241
SHA1: 9b5aeb0cea9f958b9c57fb80e62996e95a3e9379
SHA256:75e4227fb7dc5f97c3d4689cd1c2439f4db0bd18cea2fa242c4656cd93c599aa
Referenced In Project/Scope: Planmonitor Wonen API:compile
aspectjweaver-1.9.24.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-aop@3.5.5

Identifiers

checker-qual-3.49.3.jar

Description:

checker-qual contains annotations (type qualifiers) that a programmerwrites to specify Java code for type-checking by the Checker Framework.

License:

The MIT License: http://opensource.org/licenses/MIT
File Path: /home/runner/.m2/repository/org/checkerframework/checker-qual/3.49.3/checker-qual-3.49.3.jar
MD5: 5881721126d6f442ba085fcd81145a4d
SHA1: 119a4df4ba2e6a432b23989a785f81be38a56849
SHA256:367edbf2fe9f606c1fdb5a8ba6e1c9c27625993e1ff954e3868de70bcc6416b7
Referenced In Project/Scope: Planmonitor Wonen API:runtime
checker-qual-3.49.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.postgresql/postgresql@42.7.7

Identifiers

commons-codec-1.18.0.jar

Description:

     The Apache Commons Codec component contains encoders and decoders for
     formats such as Base16, Base32, Base64, digest, and Hexadecimal. In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-codec/commons-codec/1.18.0/commons-codec-1.18.0.jar
MD5: 2abf189633424b9292fd57a3192c0ed5
SHA1: ee45d1cf6ec2cc2b809ff04b4dc7aec858e0df8f
SHA256:ba005f304cef92a3dede24a38ad5ac9b8afccf0d8f75839d6c1338634cf7f6e4
Referenced In Project/Scope: Planmonitor Wonen API:compile
commons-codec-1.18.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

Identifiers

commons-collections4-4.4.jar

Description:

The Apache Commons Collections package contains types that extend and augment the Java Collections Framework.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/commons/commons-collections4/4.4/commons-collections4-4.4.jar
MD5: 4a37023740719b391f10030362c86be6
SHA1: 62ebe7544cb7164d87e0637a2a6a2bdc981395e8
SHA256:1df8b9430b5c8ed143d7815e403e33ef5371b2400aadbe9bda0883762e0846d1
Referenced In Project/Scope: Planmonitor Wonen API:compile
commons-collections4-4.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

Identifiers

commons-io-2.19.0.jar

Description:

The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-io/commons-io/2.19.0/commons-io-2.19.0.jar
MD5: 3d1fd45f9d2a247c1d05ab1e98c07160
SHA1: 1f8d4a99ba72b77aa69101175efc79b0c7dcdd7e
SHA256:824268919b4b62f9f40f08c54381de5993b078f58667e332d17348ae019d72b9
Referenced In Project/Scope: Planmonitor Wonen API:compile
commons-io-2.19.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

Identifiers

commons-jxpath-1.3.jar

Description:

A Java-based implementation of XPath 1.0 that, in addition to XML processing, can inspect/modify Java object graphs (the library's explicit purpose) and even mixed Java/XML structures.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-jxpath/commons-jxpath/1.3/commons-jxpath-1.3.jar
MD5: 61a9aa8ff43ba10853571d57f724bf88
SHA1: c22d7d0f0f40eb7059a23cfa61773a416768b137
SHA256:fcbc0ad917d9d6a73c6df21fac322e00d213ef19cd94815a007c407a8a3ff449
Referenced In Project/Scope: Planmonitor Wonen API:compile
commons-jxpath-1.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

Identifiers

CVE-2022-41852 (OSSINDEX)  

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2022-41852 for details
CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

CVSSv3:
  • Base Score: CRITICAL (9.800000190734863)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:commons-jxpath:commons-jxpath:1.3:*:*:*:*:*:*:*

CVE-2022-40159  

** DISPUTED ** This record was originally reported by the oss-fuzz project who failed to consider the security context in which JXPath is intended to be used and failed to contact the JXPath maintainers prior to requesting the CVE allocation. The CVE was then allocated by Google in breach of the CNA rules. After review by the JXPath maintainers, the original report was found to be invalid.
CWE-787 Out-of-bounds Write, CWE-121 Stack-based Buffer Overflow

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A

References:

    Vulnerable Software & Versions:

    CVE-2022-40160  

    ** DISPUTED ** This record was originally reported by the oss-fuzz project who failed to consider the security context in which JXPath is intended to be used and failed to contact the JXPath maintainers prior to requesting the CVE allocation. The CVE was then allocated by Google in breach of the CNA rules. After review by the JXPath maintainers, the original report was found to be invalid.
    CWE-787 Out-of-bounds Write, CWE-121 Stack-based Buffer Overflow

    CVSSv3:
    • Base Score: MEDIUM (6.5)
    • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A

    References:

      Vulnerable Software & Versions:

      commons-lang3-3.18.0.jar

      Description:

        Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.

  The code is tested using the latest revision of the JDK for supported
  LTS releases: 8, 11, 17 and 21 currently.
  See https://github.com/apache/commons-lang/blob/master/.github/workflows/maven.yml
  
  Please ensure your build environment is up-to-date and kindly report any build issues.

      License:

      https://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/org/apache/commons/commons-lang3/3.18.0/commons-lang3-3.18.0.jar
      MD5: 48b9886957920a4cdb602780ca345087
      SHA1: fb14946f0e39748a6571de0635acbe44e7885491
      SHA256:4eeeae8d20c078abb64b015ec158add383ac581571cddc45c68f0c9ae0230720
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      commons-lang3-3.18.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.b3p.pmw/planmonitor-wonen-api@1.2.3-SNAPSHOT

      Identifiers

      commons-pool-1.6.jar

      Description:

      Commons Object Pooling Library

      License:

      http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/commons-pool/commons-pool/1.6/commons-pool-1.6.jar
      MD5: 5ca02245c829422176d23fa530e919cc
      SHA1: 4572d589699f09d866a226a14b7f4323c6d8f040
      SHA256:46c42b4a38dc6b2db53a9ee5c92c63db103665d56694e2cfce2c95d51a6860cc
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      commons-pool-1.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      commons-text-1.13.0.jar

      Description:

      Apache Commons Text is a set of utility functions and reusable components for the purpose of processing
    and manipulating text that should be of use in a Java environment.

      License:

      https://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/org/apache/commons/commons-text/1.13.0/commons-text-1.13.0.jar
      MD5: 4b4766452c04316e3ef6ffe3490d6b10
      SHA1: ba2ed5521c491cabf7ecdb57f77922561c2e8958
      SHA256:1e323a501127df78ed0987f345d69d65d0ea7fa3d4fb5b3f84aaeba3a8b20f38
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      commons-text-1.13.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      content-type-2.2.jar

      Description:

      Java library for Content (Media) Type representation

      License:

      The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/com/nimbusds/content-type/2.2/content-type-2.2.jar
      MD5: 135aaa5ebcc12a45f4b3ff08cb6fa46a
      SHA1: 9a894bce7646dd4086652d85b88013229f23724b
      SHA256:730f1816196145e88275093c147f2e6da3c3e541207acd3503a1b06129b9bea9
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      content-type-2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@3.5.5

      Identifiers

      ejml-core-0.41.jar

      Description:

      A fast and easy to use dense and sparse matrix linear algebra library written in Java.

      License:

      The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/org/ejml/ejml-core/0.41/ejml-core-0.41.jar
      MD5: 200146f623a8eb87196bbc35cae6c2b1
      SHA1: 92ac2bee332a5697c42e576b94d563ba8c25877c
      SHA256:8d36469e8414d79c875defc0af3b980525d384761c9471d15a4f365b936dd1d5
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      ejml-core-0.41.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      ejml-ddense-0.41.jar

      Description:

      A fast and easy to use dense and sparse matrix linear algebra library written in Java.

      License:

      The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/org/ejml/ejml-ddense/0.41/ejml-ddense-0.41.jar
      MD5: 2128d09683d0ed77429fac23f64e42c7
      SHA1: 782c80d4c3c8a3432c4641f24c177f336a360f9c
      SHA256:355347e9cac7e96d5d724d331a9b04bb14a8a02e1d111f1ac51c79f25d937123
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      ejml-ddense-0.41.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      flyway-core-11.7.2.jar

      File Path: /home/runner/.m2/repository/org/flywaydb/flyway-core/11.7.2/flyway-core-11.7.2.jar
      MD5: 4c980ae9d24be75b9522f8f4ed0b60bc
      SHA1: 2e40f0465ab29c807a38aae56b4e636451a9ff99
      SHA256:ff01fab3bcfd79e9345df191ecf82cbe1f9f65a757266158bd691564b1c1282c
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      flyway-core-11.7.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.b3p.pmw/planmonitor-wonen-api@1.2.3-SNAPSHOT

      Identifiers

      flyway-database-postgresql-11.7.2.jar

      File Path: /home/runner/.m2/repository/org/flywaydb/flyway-database-postgresql/11.7.2/flyway-database-postgresql-11.7.2.jar
      MD5: 7f4b3e8a8ef177fa1d9e6815cdddfbac
      SHA1: 6cca0e7f6fdded39ddc302c97d9e12ecc8c9b96a
      SHA256:1d586e14ea772c75613df2c27ddc20f5c065e8a32283815338611af82e48f9a2
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      flyway-database-postgresql-11.7.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.b3p.pmw/planmonitor-wonen-api@1.2.3-SNAPSHOT

      Identifiers

      gt-xml-33.2.jar

      Description:

      GTXML Schema Driven Parser

      License:

      Lesser General Public License (LGPL): http://www.gnu.org/copyleft/lesser.txt
      File Path: /home/runner/.m2/repository/org/geotools/gt-xml/33.2/gt-xml-33.2.jar
      MD5: c34927b125b4663f9f14993d42d97ddd
      SHA1: bbb34af2aacbbf44b0fae750f13705ef803c9241
      SHA256:2a5c50cde8b87b56581208e05af425cccb9ab86495d78d81692e4c9134dbb284
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      gt-xml-33.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

      Identifiers

      gt-xsd-core-33.2.jar

      Description:

      Schema based xml parsing. This module contains tools for creating 
  bindings from xml types to java types. Schema modelling is based 
  on Eclipse XSD.

      License:

      Lesser General Public License (LGPL): http://www.gnu.org/copyleft/lesser.txt
      File Path: /home/runner/.m2/repository/org/geotools/xsd/gt-xsd-core/33.2/gt-xsd-core-33.2.jar
      MD5: acfea5d51ec99aaaf3435b1859dd92a4
      SHA1: 806076c174879cb8c0737039b0c5f3d25e911272
      SHA256:b8e8061306507a5a0a29d2351a88d58a7a5578b897f70c562ba95e4a8cf0dac9
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      gt-xsd-core-33.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

      Identifiers

      hsqldb-2.7.3.jar

      Description:

      HSQLDB - Lightweight 100% Java SQL Database Engine

      License:

      HSQLDB License, a BSD open source license: http://hsqldb.org/web/hsqlLicense.html
      File Path: /home/runner/.m2/repository/org/hsqldb/hsqldb/2.7.3/hsqldb-2.7.3.jar
      MD5: 724301ab61ff54755deec86c7a724505
      SHA1: 85b49338b36f3051d217295596cf92beb92e4bfb
      SHA256:6f2f77eedbe75cfbe26bf30d73b13de0cc57fb7cdb27a92ed8c1a012f0e2363a
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      hsqldb-2.7.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-epsg-hsql@33.2

      Identifiers

      httpclient-4.5.14.jar

      Description:

         Apache HttpComponents Client

      File Path: /home/runner/.m2/repository/org/apache/httpcomponents/httpclient/4.5.14/httpclient-4.5.14.jar
      MD5: 2cb357c4b763f47e58af6cad47df6ba3
      SHA1: 1194890e6f56ec29177673f2f12d0b8e627dec98
      SHA256:c8bc7e1c51a6d4ce72f40d2ebbabf1c4b68bfe76e732104b04381b493478e9d6
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      httpclient-4.5.14.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

      Identifiers

      httpcore-4.4.16.jar

      Description:

         Apache HttpComponents Core (blocking I/O)

      File Path: /home/runner/.m2/repository/org/apache/httpcomponents/httpcore/4.4.16/httpcore-4.4.16.jar
      MD5: 28d2cd9bf8789fd2ec774fb88436ebd1
      SHA1: 51cf043c87253c9f58b539c9f7e44c8894223850
      SHA256:6c9b3dd142a09dc468e23ad39aad6f75a0f2b85125104469f026e52a474e464f
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      httpcore-4.4.16.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

      Identifiers

      indriya-2.2.jar

      Description:

      Unit Standard (JSR 385) Reference Implementation.

      License:

      BSD 3-Clause: LICENSE
      File Path: /home/runner/.m2/repository/tech/units/indriya/2.2/indriya-2.2.jar
      MD5: cefa3a26996e4c70071d27a0c36603ea
      SHA1: 647a0e06d60346f3f3c48284f66d34b28ff83340
      SHA256:5b61eafd63fd235898dea0e5e614e9636c9d7783705a0c9f1794dd07e3a84b35
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      indriya-2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      jackson-core-2.19.2.jar

      Description:

      Core Jackson processing abstractions (aka Streaming API), implementation for JSON

      License:

      The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.19.2/jackson-core-2.19.2.jar
      MD5: b3843578b0753a9a685eea819dea3ab7
      SHA1: 50f3b4bd59b9ff51a0ed493e7b5abaf5c39709bf
      SHA256:aa77eaf29293a868c47372194f7c5287d77d9370b04ea25d3fffc1e4904b5880
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      jackson-core-2.19.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.b3p.pmw/planmonitor-wonen-api@1.2.3-SNAPSHOT

      Identifiers

      jackson-databind-2.19.2.jar

      Description:

      General data-binding functionality for Jackson: works on core streaming API

      License:

      The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.19.2/jackson-databind-2.19.2.jar
      MD5: 856506e1d49091e89599a3ef34990597
      SHA1: 46509399d28f57ca32c6bb4b0d4e10e8f062051e
      SHA256:0a1bd4e9b0d670e632d40ee8c625ad376233502f03c2f5889baea95d025b47a7
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      jackson-databind-2.19.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.b3p.pmw/planmonitor-wonen-api@1.2.3-SNAPSHOT

      Identifiers

      jackson-dataformat-toml-2.19.2.jar

      Description:

      Support for reading and writing TOML-encoded data via Jackson abstractions.

      License:

      The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/com/fasterxml/jackson/dataformat/jackson-dataformat-toml/2.19.2/jackson-dataformat-toml-2.19.2.jar
      MD5: 34347972d0a1eee318645046ccb9449b
      SHA1: 629e52c5fbdb321d126155e0c78bd2d796f94b12
      SHA256:74ec2f9c4404a7b8fc1e236d94be8e4ed8aaba93623153a57595cc081c1a9ec1
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      jackson-dataformat-toml-2.19.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flywaydb/flyway-core@11.7.2

      Identifiers

      jai_core-1.1.3.jar

      File Path: /home/runner/.m2/repository/javax/media/jai_core/1.1.3/jai_core-1.1.3.jar
      MD5: f398bc038307ee434bac1b93ba3ab02d
      SHA1: b179d2efb1174658483e8b41bf4ac9d2eb5de438
      SHA256:8b696cf067533545f44c2f68339e24ab1a2669153ed2081aa5be8749f4d592bf
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      jai_core-1.1.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      jakarta.annotation-api-2.1.1.jar

      Description:

      Jakarta Annotations API

      License:

      EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html
      File Path: /home/runner/.m2/repository/jakarta/annotation/jakarta.annotation-api/2.1.1/jakarta.annotation-api-2.1.1.jar
      MD5: 5dac2f68e8288d0add4dc92cb161711d
      SHA1: 48b9bda22b091b1f48b13af03fe36db3be6e1ae3
      SHA256:5f65fdaf424eee2b55e1d882ba9bb376be93fb09b37b808be6e22e8851c909fe
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      jakarta.annotation-api-2.1.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.5

      Identifiers

      jakarta.inject-api-2.0.1.jar

      Description:

      Jakarta Dependency Injection

      License:

      The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/jakarta/inject/jakarta.inject-api/2.0.1/jakarta.inject-api-2.0.1.jar
      MD5: 72003bf6efcc8455d414bbd7da86c11c
      SHA1: 4c28afe1991a941d7702fe1362c365f0a8641d1e
      SHA256:f7dc98062fccf14126abb751b64fab12c312566e8cbdc8483598bffcea93af7c
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      jakarta.inject-api-2.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      jcip-annotations-1.0-1.jar

      Description:

          A clean room implementation of the JCIP Annotations based entirely on the specification provided by the javadocs.

      License:

      Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/com/github/stephenc/jcip/jcip-annotations/1.0-1/jcip-annotations-1.0-1.jar
      MD5: d62dbfa8789378457ada685e2f614846
      SHA1: ef31541dd28ae2cefdd17c7ebf352d93e9058c63
      SHA256:4fccff8382aafc589962c4edb262f6aa595e34f1e11e61057d1c6a96e8fc7323
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      jcip-annotations-1.0-1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@3.5.5

      Identifiers

      jgridshift-core-1.3.jar

      File Path: /home/runner/.m2/repository/it/geosolutions/jgridshift/jgridshift-core/1.3/jgridshift-core-1.3.jar
      MD5: 04a57b57bb0654b3d603eaaa748de563
      SHA1: 314702a7b6e634e1c74589983a6762974b9c51c8
      SHA256:303eb6a6f6f87369f6b9e3dcacefd6f9b0ad55920cd65a7f162ab9a23401c722
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      jgridshift-core-1.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      json-smart-2.5.2.jar

      Description:

      JSON (JavaScript Object Notation) is a lightweight data-interchange format. It is easy for humans to read and write. It is easy for machines to parse and generate. It is based on a subset of the JavaScript Programming Language, Standard ECMA-262 3rd Edition - December 1999. JSON is a text format that is completely language independent but uses conventions that are familiar to programmers of the C-family of languages, including C, C++, C#, Java, JavaScript, Perl, Python, and many others. These properties make JSON an ideal data-interchange language.

      License:

      The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/net/minidev/json-smart/2.5.2/json-smart-2.5.2.jar
      MD5: e3ad34c55c0d2627255f79f4411c6bdd
      SHA1: 95d166b18f95907be0f46cdb9e1c0695eed03387
      SHA256:4fbdedb0105cedc7f766b95c297d2e88fb6a560da48f3bbaa0cc538ea8b7bf71
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      json-smart-2.5.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-test@3.5.5

      Identifiers

      jts-core-1.20.0.jar

      Description:

      The JTS Topology Suite is an API for 2D linear geometry predicates and functions.

      License:

      https://github.com/locationtech/jts/blob/master/LICENSE_EPLv2.txt, https://github.com/locationtech/jts/blob/master/LICENSE_EDLv1.txt
      File Path: /home/runner/.m2/repository/org/locationtech/jts/jts-core/1.20.0/jts-core-1.20.0.jar
      MD5: 8de91edea80ac2de00c07226458649fb
      SHA1: 25b72c9548a328cb1aea8a6b89d710a31ade5403
      SHA256:6a783d8f9dba3d3cf7265435f134402f63c05838aa6cbcc4297ad3a5b2842baf
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      jts-core-1.20.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      jul-to-slf4j-2.0.17.jar

      Description:

      JUL to SLF4J bridge

      License:

      https://opensource.org/license/mit
      File Path: /home/runner/.m2/repository/org/slf4j/jul-to-slf4j/2.0.17/jul-to-slf4j-2.0.17.jar
      MD5: a42936c56611e4794c42908fb3d3a647
      SHA1: 524cb6ccc2b68a57604750e1ab8b13b5a786a6aa
      SHA256:a7afcd23b9cfd1475e55c94f943b808c5922035e7e2c2a5c65a487a4106bc538
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      jul-to-slf4j-2.0.17.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.5

      Identifiers

      lang-tag-1.7.jar

      Description:

      Java implementation of "Tags for Identifying Languages" (RFC 5646)

      License:

      The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/com/nimbusds/lang-tag/1.7/lang-tag-1.7.jar
      MD5: 31b8a4f76fdbf21f1d667f9d6618e0b2
      SHA1: 97c73ecd70bc7e8eefb26c5eea84f251a63f1031
      SHA256:e8c1c594e2425bdbea2d860de55c69b69fc5d59454452449a0f0913c2a5b8a31
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      lang-tag-1.7.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@3.5.5

      Identifiers

      log4j-api-2.24.3.jar

      Description:

      The logging API of the Log4j project.
    Library and application code can log through this API.
    It contains a simple built-in implementation (`SimpleLogger`) for trivial use cases.
    Production applications are recommended to use Log4j API in combination with a fully-fledged implementation, such as Log4j Core.

      License:

      Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/org/apache/logging/log4j/log4j-api/2.24.3/log4j-api-2.24.3.jar
      MD5: d89516699543c5c21be87ee1760695f3
      SHA1: b02c125db8b6d295adf72ae6e71af5d83bce2370
      SHA256:5b4a0a0cd0e751ded431c162442bdbdd53328d1f8bb2bae5fc1bbeee0f66d80f
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      log4j-api-2.24.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.5

      Identifiers

      log4j-to-slf4j-2.24.3.jar

      Description:

      Forwards the Log4j API calls to SLF4J.
    (Refer to the `log4j-slf4j[2]-impl` artifacts for forwarding SLF4J to the Log4j API.)

      License:

      Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/org/apache/logging/log4j/log4j-to-slf4j/2.24.3/log4j-to-slf4j-2.24.3.jar
      MD5: 1f4b63f9c41f2f5179aa10b35d76e805
      SHA1: da1143e2a2531ee1c2d90baa98eb50a28a39d5a7
      SHA256:c7f2b0c612a4eb05b1587d1c880eb4cf5f4f53850676a8ede8da2b8fabb4f73f
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      log4j-to-slf4j-2.24.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.5

      Identifiers

      logback-core-1.5.18.jar

      Description:

      logback-core module

      License:

      http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
      File Path: /home/runner/.m2/repository/ch/qos/logback/logback-core/1.5.18/logback-core-1.5.18.jar
      MD5: 10bcea83842beead15f072799b9c923d
      SHA1: 6c0375624f6f36b4e089e2488ba21334a11ef13f
      SHA256:85139e7b57b464f8e5e36326dd81317648bed199ccc4f98cd42585f8d7571027
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      logback-core-1.5.18.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.5

      Identifiers

      micrometer-commons-1.15.3.jar

      Description:

      Module containing common code

      License:

      The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/io/micrometer/micrometer-commons/1.15.3/micrometer-commons-1.15.3.jar
      MD5: cd66d585e2a2dc44722c4fabc034a63a
      SHA1: 3a97060d64a54daa11f14365aebc559fa8820281
      SHA256:0dc67ca155ee76470c0c36612e803c81f897b2af808a1f40353658d4434f7914
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      micrometer-commons-1.15.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.5.5

      Identifiers

      micrometer-core-1.15.3.jar

      Description:

      Core module of Micrometer containing instrumentation API and implementation

      License:

      The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/io/micrometer/micrometer-core/1.15.3/micrometer-core-1.15.3.jar
      MD5: 61c3042674652fcc00372a01587e1718
      SHA1: 7d9458b1138c8f32a0dcc2e4a0dbfc7717542985
      SHA256:c7805740412a053cd7dca3bf1acd3dd4c5765e3264e4c9b68e373f9dffb87a8a
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      micrometer-core-1.15.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.micrometer/micrometer-registry-prometheus@1.15.3

      Identifiers

      micrometer-jakarta9-1.15.3.jar

      Description:

      Module for Jakarta 9+ based instrumentations

      License:

      The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/io/micrometer/micrometer-jakarta9/1.15.3/micrometer-jakarta9-1.15.3.jar
      MD5: 180c1b0136987797aef96a4a639c9ab6
      SHA1: 1f6d5a1bab3ac5a674abfce61d1b82554aeb90e4
      SHA256:4f7fdd4d546d952269c4dd0828cc31a7a9b49408c240cc8b55f0fb2cac097f79
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      micrometer-jakarta9-1.15.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.5.5

      Identifiers

      micrometer-observation-1.15.3.jar

      Description:

      Module containing Observation related code

      License:

      The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/io/micrometer/micrometer-observation/1.15.3/micrometer-observation-1.15.3.jar
      MD5: 7bc33a94e9f9edf531e78992542d466c
      SHA1: e95d07e329f6d3ecb15a6ba1c5d96c25b9df0a97
      SHA256:52ccb056ef26fa87dd71a6edabbfbd02b4a4820b6cd37344720e14f9db6ee0ce
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      micrometer-observation-1.15.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-actuator@3.5.5

      Identifiers

      micrometer-registry-prometheus-1.15.3.jar

      Description:

      MeterRegistry implementation for Prometheus using io.prometheus:prometheus-metrics-core. If you have compatibility issues with this module, you can go back to io.micrometer:micrometer-registry-prometheus-simpleclient that uses io.prometheus:simpleclient_common.

      License:

      The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/io/micrometer/micrometer-registry-prometheus/1.15.3/micrometer-registry-prometheus-1.15.3.jar
      MD5: 381f49bfb906423d0031f56a0a63cc8d
      SHA1: 82cfe2686434857c1b0652f2412650ad6b38bb77
      SHA256:65ef3878eff1db3a6b9cb6e31b042c5d2a226ad9fcc044c807a73fca8bfc3662
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      micrometer-registry-prometheus-1.15.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.b3p.pmw/planmonitor-wonen-api@1.2.3-SNAPSHOT

      Identifiers

      modernizer-maven-annotations-3.2.0.jar

      File Path: /home/runner/.m2/repository/org/gaul/modernizer-maven-annotations/3.2.0/modernizer-maven-annotations-3.2.0.jar
      MD5: 127396b14eb51fd93eb587308f079768
      SHA1: 23a99089ff682152e86ab1691a8232db325def09
      SHA256:9f9396f361f0d45d435355c1f2b57980307abd81f3131083ec18f54fbbaa5ecb
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      modernizer-maven-annotations-3.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.b3p.pmw/planmonitor-wonen-api@1.2.3-SNAPSHOT

      Identifiers

      net.opengis.fes-33.2.jar

      Description:

      Filter Encoding Specification Schema EMF Model

      File Path: /home/runner/.m2/repository/org/geotools/ogc/net.opengis.fes/33.2/net.opengis.fes-33.2.jar
      MD5: 9a2a1c8f9837bf05574c494d0ceede33
      SHA1: ec97317219bac7659bbb75fab0a57bae27d87abd
      SHA256:582bd9b233bce861254277b62bc5baf3e818384c7e4d981394e0f97c2c2c0f3c
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      net.opengis.fes-33.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

      Identifiers

      nimbus-jose-jwt-9.37.3.jar (shaded: com.google.code.gson:gson:2.10.1)

      License:

      Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/com/nimbusds/nimbus-jose-jwt/9.37.3/nimbus-jose-jwt-9.37.3.jar/META-INF/maven/com.google.code.gson/gson/pom.xml
      MD5: c13f373086992bab8989b514941891a6
      SHA1: ce159faf33c1e665e1f3a785a5d678a2b20151bc
      SHA256:d2b115634f5c085db4b9c9ffc2658e89e231fdbfbe2242121a1cd95d4d948dd7
      Referenced In Project/Scope: Planmonitor Wonen API:compile

      Identifiers

      CVE-2025-53864 (OSSINDEX)  

      github.com/sigstore/sigstore-java (gson) - Stack-based Buffer Overflow [CVE-2025-53864]

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
      CWE-121 Stack-based Buffer Overflow

      CVSSv2:
      • Base Score: MEDIUM (6.900000095367432)
      • Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

      References:

      Vulnerable Software & Versions (OSSINDEX):

      • cpe:2.3:a:com.google.code.gson:gson:2.10.1:*:*:*:*:*:*:*

      nimbus-jose-jwt-9.37.3.jar

      Description:

              Java library for Javascript Object Signing and Encryption (JOSE) and
        JSON Web Tokens (JWT)

      License:

      The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/com/nimbusds/nimbus-jose-jwt/9.37.3/nimbus-jose-jwt-9.37.3.jar
      MD5: a2ecba11e197522b7f963cbcf0b59715
      SHA1: 700f71ffefd60c16bd8ce711a956967ea9071cec
      SHA256:12ae4a3a260095d7aeba2adea7ae396e8b9570db8b7b409e09a824c219cc0444
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      nimbus-jose-jwt-9.37.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@3.5.5

      Identifiers

      oauth2-oidc-sdk-9.43.6.jar

      Description:

      		OAuth 2.0 SDK with OpenID Connection extensions for developing
		client and server applications.

      License:

      Apache License, version 2.0: https://www.apache.org/licenses/LICENSE-2.0.html
      File Path: /home/runner/.m2/repository/com/nimbusds/oauth2-oidc-sdk/9.43.6/oauth2-oidc-sdk-9.43.6.jar
      MD5: 7b90ae947014dca2dcba869735270a7f
      SHA1: a1842456e236f53e30946b2cb0bdeb17a44cdfd3
      SHA256:fee94eae5c4388e1de7fba84e3ada2b92d17bbbb28c630d4258a6f0615c1f303
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      oauth2-oidc-sdk-9.43.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@3.5.5

      Identifiers

      org.eclipse.emf.common-2.15.0.jar

      Description:

      EMF Common

      License:

      The Eclipse Public License Version 1.0: http://www.eclipse.org/legal/epl-v10.html
      File Path: /home/runner/.m2/repository/org/eclipse/emf/org.eclipse.emf.common/2.15.0/org.eclipse.emf.common-2.15.0.jar
      MD5: aa878b3e47b671ebc182108e6b4986c6
      SHA1: e0f1608a9855651e899d609b106ae78f903a2f04
      SHA256:bdb51f83b2daa51446b4ae5d606464e4b22fb7ef98f0477ac95de72551e2978a
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      org.eclipse.emf.common-2.15.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

      Identifiers

      org.eclipse.emf.ecore-2.15.0.jar

      Description:

      EMF Ecore

      License:

      The Eclipse Public License Version 1.0: http://www.eclipse.org/legal/epl-v10.html
      File Path: /home/runner/.m2/repository/org/eclipse/emf/org.eclipse.emf.ecore/2.15.0/org.eclipse.emf.ecore-2.15.0.jar
      MD5: 566797e186b122fb2cb64a699b1c2d2b
      SHA1: ccfc09c8b6a0d4fadde09216d8a07678d38998de
      SHA256:d5e3c25344fe27f14f514f5d6deb6e9cc3f6153fa462361261a8d49a3dfe9bbf
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      org.eclipse.emf.ecore-2.15.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

      Identifiers

      org.eclipse.emf.ecore.xmi-2.15.0.jar

      Description:

      EMF XML/XMI Persistence

      License:

      The Eclipse Public License Version 1.0: http://www.eclipse.org/legal/epl-v10.html
      File Path: /home/runner/.m2/repository/org/eclipse/emf/org.eclipse.emf.ecore.xmi/2.15.0/org.eclipse.emf.ecore.xmi-2.15.0.jar
      MD5: 7ac89d5bf958f0a2cfab049690f2e68c
      SHA1: 9aa1a584be1df1eb0ef8fae7123784af6e51f47a
      SHA256:712ff33fef916d2fa4d838992fccae85c4817a71639a9a5933fc44568ed6dc57
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      org.eclipse.emf.ecore.xmi-2.15.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

      Identifiers

      CVE-2023-4218 (OSSINDEX)  

      In Eclipse IDE versions < 2023-09 (4.29) some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review a foreign repository or patch).


Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2023-4218 for details
      CWE-611 Improper Restriction of XML External Entity Reference

      CVSSv3:
      • Base Score: MEDIUM (5.0)
      • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

      References:

      Vulnerable Software & Versions (OSSINDEX):

      • cpe:2.3:a:org.eclipse.emf:org.eclipse.emf.ecore.xmi:2.15.0:*:*:*:*:*:*:*

      org.eclipse.xsd-2.12.0.jar

      Description:

      http://www.eclipse.org

      License:

      The Eclipse Public License Version 1.0: http://www.eclipse.org/legal/epl-v10.html
      File Path: /home/runner/.m2/repository/org/eclipse/xsd/org.eclipse.xsd/2.12.0/org.eclipse.xsd-2.12.0.jar
      MD5: 75fa52ffcf1c5d0d9f85ca9aa7a0e3de
      SHA1: 1d4c0da59535d3b79e73a91b1f161c97d3103668
      SHA256:0cbded7b090a2205c367b6d08f6ab32dc6857265b87673a4e51b77301ef1b953
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      org.eclipse.xsd-2.12.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

      Identifiers

      org.w3.xlink-33.2.jar

      Description:

      Xlink Schema EMF Model

      File Path: /home/runner/.m2/repository/org/geotools/ogc/org.w3.xlink/33.2/org.w3.xlink-33.2.jar
      MD5: d1969b97833cb45e2537a352015b6c4f
      SHA1: f58cdd49d4e4544abcf37c68afbfa7d22a5e04ee
      SHA256:cfa71fa32fcf3487ba0d1888c90d57a45574b7062a26a54f3fd1e5ccff8fa780
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      org.w3.xlink-33.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

      Identifiers

      picocontainer-1.2.jar

      Description:

      Please refer to the main website for documentation.

      File Path: /home/runner/.m2/repository/picocontainer/picocontainer/1.2/picocontainer-1.2.jar
      MD5: 3e2dea8daea96da71724cae35da4cc0c
      SHA1: c55e869dcdddd735acd8789b74863cde8d15d444
      SHA256:d729282e385ed351684e649e261b5b02399327c4713c6b100f122942f923412f
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      picocontainer-1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

      Identifiers

      postgresql-42.7.7.jar

      Description:

      PostgreSQL JDBC Driver Postgresql

      License:

      BSD-2-Clause: https://jdbc.postgresql.org/about/license.html
      File Path: /home/runner/.m2/repository/org/postgresql/postgresql/42.7.7/postgresql-42.7.7.jar
      MD5: 7faa176ab9883b32d5f6ae8daa724f7b
      SHA1: 67f8093e8d8104c74bbf588392ac3229803f5d17
      SHA256:157963d60ae66d607e09466e8c0cdf8087e9cb20d0159899ffca96bca2528460
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      postgresql-42.7.7.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.b3p.pmw/planmonitor-wonen-api@1.2.3-SNAPSHOT

      Identifiers

      prometheus-metrics-config-1.3.10.jar

      Description:

          Configuration for Prometheus metrics and exposition formats.

      License:

      http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/io/prometheus/prometheus-metrics-config/1.3.10/prometheus-metrics-config-1.3.10.jar
      MD5: 44a453f8599f67ab45ed6fbb941a450e
      SHA1: 4fe03e3cc60188a32385bbd4559368842815e435
      SHA256:d20ea739f1af130d67d6a8e67a0fd00169cd4e62dca7fa29c5f2ae656b7587f9
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      prometheus-metrics-config-1.3.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.micrometer/micrometer-registry-prometheus@1.15.3

      Identifiers

      prometheus-metrics-core-1.3.10.jar

      Description:

          Core Prometheus metric types

      License:

      http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/io/prometheus/prometheus-metrics-core/1.3.10/prometheus-metrics-core-1.3.10.jar
      MD5: 1111c9332ac84ec6ea67959369961fc0
      SHA1: 30c645782bc458a4868f59a9218c8395250a9f69
      SHA256:a856dbad954222a835c9085abc9a136586eb60495f17ef8ac903dfb8be3b4f15
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      prometheus-metrics-core-1.3.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.micrometer/micrometer-registry-prometheus@1.15.3

      Identifiers

      prometheus-metrics-exposition-formats-1.3.10.jar

      Description:

          Prometheus exposition formats.

      License:

      http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/io/prometheus/prometheus-metrics-exposition-formats/1.3.10/prometheus-metrics-exposition-formats-1.3.10.jar
      MD5: e079cfe0e3c7594fd99cd45f600cc54c
      SHA1: 9f8433c962ff720dc2c83f6c2e8af069dd36a898
      SHA256:a970d6de00a6fa3c9b62ebec1e45f70d42b88d16a19e5ef1621c1f9e89ba3c9f
      Referenced In Project/Scope: Planmonitor Wonen API:runtime
      prometheus-metrics-exposition-formats-1.3.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.micrometer/micrometer-registry-prometheus@1.15.3

      Identifiers

      prometheus-metrics-exposition-textformats-1.3.10.jar

      Description:

          Prometheus exposition text formats.

      License:

      http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/io/prometheus/prometheus-metrics-exposition-textformats/1.3.10/prometheus-metrics-exposition-textformats-1.3.10.jar
      MD5: f2a1e98beffcc218e2ff0f8a8bf3822c
      SHA1: 7475c21ee94b4c46ff0394a2df02b3d2c5443690
      SHA256:8dd118ac15a4162ac586f42ff69e8ca3efa8b1291d870c89a678f8f72de62e44
      Referenced In Project/Scope: Planmonitor Wonen API:runtime
      prometheus-metrics-exposition-textformats-1.3.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.micrometer/micrometer-registry-prometheus@1.15.3

      Identifiers

      prometheus-metrics-model-1.3.10.jar

      Description:

          Data model for read-only immutable Prometheus metrics snapshots.

      License:

      http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/io/prometheus/prometheus-metrics-model/1.3.10/prometheus-metrics-model-1.3.10.jar
      MD5: d099f2af51a118e73cdd3eb5e633e061
      SHA1: e74c144f68e0258cbbdea64d4e387e65ebae6329
      SHA256:945ace48cc8d9d09f87bac0d8fbbc13e70b29c5c74b103c6fee0b9df09343148
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      prometheus-metrics-model-1.3.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.micrometer/micrometer-registry-prometheus@1.15.3

      Identifiers

      prometheus-metrics-tracer-common-1.3.10.jar

      Description:

          Common Module for Prometheus integrations with distributed tracing libraries.

      License:

      http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/io/prometheus/prometheus-metrics-tracer-common/1.3.10/prometheus-metrics-tracer-common-1.3.10.jar
      MD5: d8d9e2bb7ec48e11c877b83eb9a9485e
      SHA1: abf6e4d1a41d96e37b200606e121697751794a45
      SHA256:835826a5728d9da8512186b67676d2ba68828713f0c0050753ce2bc718dd9acb
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      prometheus-metrics-tracer-common-1.3.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.micrometer/micrometer-registry-prometheus@1.15.3

      Identifiers

      re2j-1.8.jar

      Description:

      Linear time regular expressions for Java

      License:

      Go License: https://golang.org/LICENSE
      File Path: /home/runner/.m2/repository/com/google/re2j/re2j/1.8/re2j-1.8.jar
      MD5: 4240e655caa938c61ddbec8b92bfb061
      SHA1: 12c25e923e9e4fb1575a7640a2698745c6f19a94
      SHA256:7b52c72156dd7f98b3237a5b35c1d34fba381b21048c89208913ad80a45dfbd7
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      re2j-1.8.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      si-quantity-2.1.jar

      Description:

      Units of Measurement SI (Système International d'Unités)

      License:

      https://opensource.org/licenses/BSD-3-Clause
      File Path: /home/runner/.m2/repository/si/uom/si-quantity/2.1/si-quantity-2.1.jar
      MD5: 79685f60efca0051a6c579e1f1522542
      SHA1: 5617d2cf30898ffcc760807009fe947483bd867b
      SHA256:2cdcfd3e5395db5576f5efc0f224b5bbd0731f3ec7552afee6ee7b63a4f65820
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      si-quantity-2.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      si-units-2.1.jar

      Description:

      "Units of Measurement SI (Système International d'Unités)"

      License:

      "BSD 3-Clause";link="https://opensource.org/licenses/BSD-3-Clause"
      File Path: /home/runner/.m2/repository/si/uom/si-units/2.1/si-units-2.1.jar
      MD5: 43abf4b896da58d8bca0e87f412a8457
      SHA1: 7e812192ff1abbef6c79123249840c42b4e145d4
      SHA256:491ed9956ddf4b2e30180b087e1f6fb51debccb6d46785ae0d52026342013c51
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      si-units-2.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      slf4j-api-2.0.17.jar

      Description:

      The slf4j API

      License:

      https://opensource.org/license/mit
      File Path: /home/runner/.m2/repository/org/slf4j/slf4j-api/2.0.17/slf4j-api-2.0.17.jar
      MD5: b6480d114a23683498ac3f746f959d2f
      SHA1: d9e58ac9c7779ba3bf8142aff6c830617a7fe60f
      SHA256:7b751d952061954d5abfed7181c1f645d336091b679891591d63329c622eb832
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      slf4j-api-2.0.17.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-jdbc@3.5.5

      Identifiers

      snakeyaml-2.4.jar

      Description:

      YAML 1.1 parser and emitter for Java

      License:

      Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/org/yaml/snakeyaml/2.4/snakeyaml-2.4.jar
      MD5: 29410ee3a987e3bff7b847933c591972
      SHA1: e0666b825b796f85521f02360e77f4c92c5a7a07
      SHA256:ef779af5d29a9dde8cc70ce0341f5c6f7735e23edff9685ceaa9d35359b7bb7f
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      snakeyaml-2.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.5

      Identifiers

      spring-boot-3.5.5.jar

      Description:

      Spring Boot

      License:

      Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
      File Path: /home/runner/.m2/repository/org/springframework/boot/spring-boot/3.5.5/spring-boot-3.5.5.jar
      MD5: 6db471f8f3ebb155565a6675e9c0b802
      SHA1: 07d50b76ea4905d6c61fea5cb6556bc735c55da1
      SHA256:b6d577b1971c84a2b93416b6f014e4d01dfac72dcd62b97d5dc1c8322b30ebe7
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      spring-boot-3.5.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.5

      Identifiers

      spring-boot-starter-web-3.5.5.jar

      Description:

      Starter for building web, including RESTful, applications using Spring MVC. Uses Tomcat as the default embedded container

      License:

      Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
      File Path: /home/runner/.m2/repository/org/springframework/boot/spring-boot-starter-web/3.5.5/spring-boot-starter-web-3.5.5.jar
      MD5: 90698591e4ab76a7c89eaa256066fb79
      SHA1: b9039cd5aa1feda2cfbd487233e343f66627f78f
      SHA256:623ae9fe4d0be0fe1ae9fd13510b48ffd31ec47022a5b7dfa54619a9b4325efa
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      spring-boot-starter-web-3.5.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.b3p.pmw/planmonitor-wonen-api@1.2.3-SNAPSHOT

      Identifiers

      spring-core-6.2.10.jar

      Description:

      Spring Core

      License:

      Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
      File Path: /home/runner/.m2/repository/org/springframework/spring-core/6.2.10/spring-core-6.2.10.jar
      MD5: af0d1af4c30e8d1bf34ee8a4df9427fe
      SHA1: 82d9c797f9147b643ac0aab8a1a40e96f8d8a737
      SHA256:28122d6e4a48eb8b6a0e4e087a55e96e46fb4d5e7d5d2c74dc8051401d8101da
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      spring-core-6.2.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-test@3.5.5

      Identifiers

      spring-security-core-6.5.3.jar

      Description:

      Spring Security

      License:

      Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
      File Path: /home/runner/.m2/repository/org/springframework/security/spring-security-core/6.5.3/spring-security-core-6.5.3.jar
      MD5: 3e6d04732dcc386f495b20baf1eaf5fa
      SHA1: 1f526b23fad4f4db5c8cc1c30eed7abb82d32702
      SHA256:eebd37ff370289f51ac84b082297639c905bddf45931b40909802201ddadbe32
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      spring-security-core-6.5.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@3.5.5

      Identifiers

      spring-security-oauth2-core-6.5.3.jar

      Description:

      Spring Security

      License:

      Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
      File Path: /home/runner/.m2/repository/org/springframework/security/spring-security-oauth2-core/6.5.3/spring-security-oauth2-core-6.5.3.jar
      MD5: ca530d8b4de3c81f5993d5f3032a2c34
      SHA1: a7375808f7030850d76b2afd79c28a9ad403d3af
      SHA256:e9df33435321f94d9ac993763555d17c8a1501bc3fc56dd78a1183cb39442add
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      spring-security-oauth2-core-6.5.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-oauth2-client@3.5.5

      Identifiers

      spring-security-web-6.5.3.jar

      Description:

      Spring Security

      License:

      Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
      File Path: /home/runner/.m2/repository/org/springframework/security/spring-security-web/6.5.3/spring-security-web-6.5.3.jar
      MD5: 133653708f92ba2b941b97babbe6d90e
      SHA1: 29e50540ef987241f13ece8aa4297c524cdca5ed
      SHA256:cca21d916964a94dc12a9d54a78f1a8e0b3d8b61124c5501ad961c6bc7ff51d8
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      spring-security-web-6.5.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-security@3.5.5

      Identifiers

      spring-security-web-6.5.3.jar: spring-security-webauthn.js

      File Path: /home/runner/.m2/repository/org/springframework/security/spring-security-web/6.5.3/spring-security-web-6.5.3.jar/org/springframework/security/spring-security-webauthn.js
      MD5: d8d90d854a23d021c2e758b3eebce213
      SHA1: 7814ccd3adc2388f52b2658bf5fc30b457949ab6
      SHA256:044a2b8d7e995bff815565678631a2d3a5cc0aa96ef8ac35cfacb579307f77a9
      Referenced In Project/Scope: Planmonitor Wonen API:compile

      Identifiers

      • None

      spring-session-core-3.5.2.jar

      Description:

      Spring Session

      License:

      Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
      File Path: /home/runner/.m2/repository/org/springframework/session/spring-session-core/3.5.2/spring-session-core-3.5.2.jar
      MD5: f6306546a760b9599cdd9dc8ccc80175
      SHA1: 49185a868e00bb2ccb9226ba255e565393f8d5fc
      SHA256:cb7bbed7ddc307d50c094757e2f1776982cd595aa6d390cef2dcb657bc2a002a
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      spring-session-core-3.5.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.session/spring-session-jdbc@3.5.2

      Identifiers

      spring-web-6.2.10.jar

      Description:

      Spring Web

      License:

      Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
      File Path: /home/runner/.m2/repository/org/springframework/spring-web/6.2.10/spring-web-6.2.10.jar
      MD5: af6fb18f86cfb8831fd3165f8385128b
      SHA1: 38c2f6633a44b385b6263294c38e5a4f217c005c
      SHA256:79b68c5252775e2fb67e945ea8f63d4872dc0d7b3ca35ec2576dc88f7bdb895e
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      spring-web-6.2.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.5

      Identifiers

      systems-common-2.1.jar

      Description:

      Parent POM for Unit Systems

      License:

      BSD;link=LICENSE
      File Path: /home/runner/.m2/repository/systems/uom/systems-common/2.1/systems-common-2.1.jar
      MD5: 8c3a56e267bbd26bb947c826e51bee2b
      SHA1: a173cc6f1fedc8b32498d6cc9599251baa72de27
      SHA256:b3cc1f3e604dcd18d3bba266db5fd01744bbd6b02f147377d4016585ba375cff
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      systems-common-2.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      tomcat-embed-core-10.1.44.jar

      Description:

      Core Tomcat implementation

      License:

      Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/10.1.44/tomcat-embed-core-10.1.44.jar
      MD5: d84c66998660ec8a93e355c613a236b6
      SHA1: 5e18d00936ca925c9249f1a8e77c0e8adf1d6287
      SHA256:8bb726735eb89bcef7a0c088db45428fd874dfdcf1775ab029d1a0d5490e68a0
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      tomcat-embed-core-10.1.44.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.5

      Identifiers

      tomcat-embed-el-10.1.44.jar

      Description:

      Core Tomcat implementation

      License:

      Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
      File Path: /home/runner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-el/10.1.44/tomcat-embed-el-10.1.44.jar
      MD5: efe1eb5d44a468aac375998d30c799e3
      SHA1: 6ee7685651c5eba1f4bef99f9dbb38b89d1a6cb6
      SHA256:8f02930d492d35b6eb987f3c8a2c63285eee739413131fb488668de8c62a4986
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      tomcat-embed-el-10.1.44.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.5

      Identifiers

      unit-api-2.2.jar

      Description:

      Units of Measurement Standard - This JSR specifies Java
        packages for modeling and working with measurement values, quantities
        and their corresponding units.

      License:

      BSD 3-Clause: LICENSE
      File Path: /home/runner/.m2/repository/javax/measure/unit-api/2.2/unit-api-2.2.jar
      MD5: 6cbc2bae2cb63cb4f85c5a187ee7dda2
      SHA1: 2b624f7334b94a82c74cb954ede9fb1179b8d30c
      SHA256:667487e1ee57298cdc767885f00b86c899b2fe7e72dc00b6560a6aa64f2bc9c4
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      unit-api-2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      uom-lib-common-2.2.jar

      Description:

      Units Common Library

      License:

      BSD: LICENSE
      File Path: /home/runner/.m2/repository/tech/uom/lib/uom-lib-common/2.2/uom-lib-common-2.2.jar
      MD5: eb6a1296ea160f731ac81ab8a2c7fed7
      SHA1: 94a52abfdad3935c3769b4caab3ce9d384d8fb4e
      SHA256:a01ece1c236b7b15a431b0383bdddf06dc6d7a85290e9a62b63904e1e4e0dc0d
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      uom-lib-common-2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-main@33.2

      Identifiers

      xml-commons-resolver-1.2.jar

      File Path: /home/runner/.m2/repository/org/apache/xml/xml-commons-resolver/1.2/xml-commons-resolver-1.2.jar
      MD5: 706c533146c1f4ee46b66659ea14583a
      SHA1: 3d0f97750b3a03e0971831566067754ba4bfd68c
      SHA256:47dcde8986019314ef78ae7280a94973a21d2ed95075a40a000b42da956429e1
      Referenced In Project/Scope: Planmonitor Wonen API:compile
      xml-commons-resolver-1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.geotools/gt-wfs-ng@33.2

      Identifiers



      This report contains data retrieved from the National Vulnerability Database.
      This report may contain data retrieved from the CISA Known Exploited Vulnerability Catalog.
      This report may contain data retrieved from the Github Advisory Database (via NPM Audit API).
      This report may contain data retrieved from RetireJS.
      This report may contain data retrieved from the Sonatype OSS Index.