Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

 Sponsor

Project: Lombok Maven Plugin

org.projectlombok:lombok-maven-plugin:1.18.20.0

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
commons-lang3-3.8.1.jarpkg:maven/org.apache.commons/commons-lang3@3.8.1 042
lombok-1.18.20.jarpkg:maven/org.projectlombok/lombok@1.18.20 024
plexus-build-api-0.0.7.jarpkg:maven/org.sonatype.plexus/plexus-build-api@0.0.7 026
plexus-utils-3.2.1.jarcpe:2.3:a:plexus-utils_project:plexus-utils:3.2.1:*:*:*:*:*:*:*pkg:maven/org.codehaus.plexus/plexus-utils@3.2.1 0Highest27

Dependencies

commons-lang3-3.8.1.jar

Description:

  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/commons/commons-lang3/3.8.1/commons-lang3-3.8.1.jar
MD5: 540b1256d887a6993ecbef23371a3302
SHA1: 6505a72a097d9270f7a9e7bf42c4238283247755
SHA256:dac807f65b07698ff39b1b07bfef3d87ae3fd46d91bbf8a2bc02b2a831616f68
Referenced In Project/Scope:Lombok Maven Plugin:compile

Identifiers

lombok-1.18.20.jar

Description:

Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!

License:

The MIT License: https://projectlombok.org/LICENSE
File Path: /home/runner/.m2/repository/org/projectlombok/lombok/1.18.20/lombok-1.18.20.jar
MD5: e863b4be4fe03d2da763679ba1a9079b
SHA1: 18bcea7d5df4d49227b4a0743a536208ce4825bb
SHA256:ce947be6c2fbe759fbbe8ef3b42b6825f814c98c8853f1013f2d9630cedf74b0
Referenced In Project/Scope:Lombok Maven Plugin:compile

Identifiers

plexus-build-api-0.0.7.jar

File Path: /home/runner/.m2/repository/org/sonatype/plexus/plexus-build-api/0.0.7/plexus-build-api-0.0.7.jar
MD5: 49f0f8c6bdf2687e358870a4fc1559c6
SHA1: e6ba5cd4bfd8de00235af936e7f63eb24ed436e6
SHA256:934171640fbd3d2495c50b79b0d9adb11e2c83e65bad157df8fe34bcac0ff798
Referenced In Project/Scope:Lombok Maven Plugin:compile

Identifiers

plexus-utils-3.2.1.jar

Description:

A collection of various utility classes to ease working with strings, files, command lines, XML and
    more.
  

File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-utils/3.2.1/plexus-utils-3.2.1.jar
MD5: a1b7cb2baeae4bb4c3a016417d5d3cb0
SHA1: 13b015768e0d04849d2794e4c47eb02d01a0de32
SHA256:8d07b497bb8deb167ee5329cae87ef2043833bf52e4f15a5a9379cec447a5b2b
Referenced In Project/Scope:Lombok Maven Plugin:compile

Identifiers



This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the NPM Public Advisories.
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.