OWASP Foundation CycloneDX Maven plugin 2.7.10 1cc7f6a0382f8bb2f758d6a6ea401d1b a4297947a1f2d7d453105db542651614bbd37f38 bd0fdd8f2f2116eee5e715aeac1580f19eb7a10ec2b6f805b53567067658e872 9cde8352a427e10b96cae01348fc7cfe5d4aa9cd0a5e5dd93b414ce3bb7d112993c3b3004e53af52567fbfa16de0704ec59a5556a635ad70571fd124ae389f39 93d7bf5b5c735347edfbfbd66810273ca840f9a322b816d22d44c3d8e8255c09e86570bb23712aeb0cade0f478be5aeb 4467f16e9ca32190a6e49c65339eb28ee5e8c78f4e918fcf95128a4b7648898de56ccb43eacfad0c9391ef8cdb7d629a ed2996c99b483e969221d5e9a40f562ea2ab85442d361d72a90e85266a3ed781 c8e6ea9ddc38edc77e284b3bf541663e84752bdc59ed1935799847a48a14ea2fa531b61008fefcba37d732a56702a11ac112437b9b80d18f4ecc8ef0ecfb32cf The Apache Software Foundation org.apache.logging.log4j log4j-web 2.23.1 The Apache Log4j support for web servlet containers Apache-2.0 https://www.apache.org/licenses/LICENSE-2.0 pkg:maven/org.apache.logging.log4j/log4j-web@2.23.1?type=jar https://logging.apache.org/log4j/2.x/ https://github.com/apache/logging-log4j2/actions https://logging.apache.org/log4j/2.x/download.html https://github.com/apache/logging-log4j2/issues https://lists.apache.org/list.html?log4j-user@logging.apache.org https://github.com/apache/logging-log4j2 https://logging.apache.org/cyclonedx/vdr.xml makeBom compile,provided,runtime,system enabled GlassFish Community javax.servlet javax.servlet-api 4.0.1 Java.net - The Source for Java Technology Collaboration required b80414033bf3397de334b95e892a2f44 a27082684a2ff0bf397666c3943496c44541d1ca 83a03dd877d3674576f0da7b90755c8524af099ccf0607fc61aa971535ad7c60 763dec9801f647b1a45e492eb2a67f6a60fc608bef4738eb7b1a92d93f1f6db02b32f4c6553d4557c320dfc25c0ea0b9854c59e793262b6ca453c71caf05ef38 9f4522458bdb1c7cbc0e88271d1e4326193c8e4d422ef8b75c3dcadf0bf86a91389890ab2d25a8cc6cf276f625475cd3 be8a209d1912492e86e611fc42e59512a89c464aa78cea3c5badd3290a6564d8bde55933a7c5d8113d9acc848a382751 f94dd8bf0908ca77e5213d166035a427e658ff4a59d35daa7e281c5fb2fc390a 3abbd3cad570557be24b69f700c217c7c8e1736d4db74f3ac28dd96b80822ac1c7631b3a9a15b9738754a3d68e4e7f13b732820eb8b8e8e329690ec2a23c621c (CDDL-1.0 OR GPL-2.0-with-classpath-exception) pkg:maven/javax.servlet/javax.servlet-api@4.0.1?type=jar https://javaee.github.io/servlet-spec/ https://maven.java.net/service/local/staging/deploy/maven2/ https://github.com/javaee/servlet-spec/issues servlet-spec@javaee.groups.io https://github.com/javaee/servlet-spec The Apache Software Foundation org.apache.logging.log4j log4j-api 2.23.1 The Apache Log4j API required bee2e2dcbeeb983bdb6b71c9c3476b6a 9c15c29c526d9c6783049c0a77722693c66706e1 92ec1fd36ab3bc09de6198d2d7c0914685c0f7127ea931acc32fd2ecdd82ea89 2a296246b0059ff5fe5c26e2ba3f48aa99e38d7658d613fbd02f32c6d4262f93a67525e6cc4d767fa5c2ab0e39e70bb3c0d3966d38ea4f01608588c084af3162 3937cb646009763a94b199a0d6c0065441b9914e2b25e3d58db523874ea760276b445ff300015948d3a813217e0ee404 16ea3301ca37fbede2927399209b403066621789c4f1bee531b5153f27b652458900697fb828170d541a5f3b82e77fb7 0a3dfffc0f362b0a86ad0cd8b36da313c7500a8bdecb0ad7e628c2637d933548 2e230994b8cb7442a2073d60f89c27703ffc78b613dec7891bbfa42e91c95ed684b387ed65df3ee48559ccc06e6877462748f7e2ef985082c8db0741feb576a8 Apache-2.0 https://www.apache.org/licenses/LICENSE-2.0 pkg:maven/org.apache.logging.log4j/log4j-api@2.23.1?type=jar https://logging.apache.org/log4j/2.x/log4j/log4j-api/ https://github.com/apache/logging-log4j2/actions https://logging.apache.org/logging-parent/latest/#distribution https://github.com/apache/logging-log4j2/issues https://lists.apache.org/list.html?log4j-user@logging.apache.org https://github.com/apache/logging-log4j2 https://logging.apache.org/cyclonedx/vdr.xml The Apache Software Foundation org.apache.logging.log4j log4j-core 2.23.1 The Apache Log4j Implementation required 34fad2df975cf874a2fdf4b797122f16 905802940e2c78042d75b837c136ac477d2b4e4d 7079368005fc34f56248f57f8a8a53361c3a53e9007d556dbc66fc669df081b5 0862144475f4a5ed67c8ab4bf163e02a89c1cdde18cd3dd3811075bd7a4cd33bab5cb824c3dac8d16afa74e9e267a1120b6c18bbf3d586f37d740e06a1af1b15 d2608dd33e2dd3e50a663d942660db80bb62c39afa3fe4155de6bad235b4ee637f97488cb21e9d22750bdd279a44634a a4d3ebc98bba16601879fe05ca40c4ca442e8d8177795d286c19ac14040b750f1a9adbffbea982e4636bdd8798918883 80fc801f0be9b360024407409c8eae4d5fdfbfb520ec968500a9196446d77817 1d7923e1bf2bf28f9e5f0990b36cff5c5e8b3409ae848ee903c970a0af22da3d4ae81dfb335d2ecfb3cdf3f09dec08bf2d2f1f8dd2702c766fa373975f551205 Apache-2.0 https://www.apache.org/licenses/LICENSE-2.0 pkg:maven/org.apache.logging.log4j/log4j-core@2.23.1?type=jar https://logging.apache.org/log4j/2.x/log4j/log4j-core/ https://github.com/apache/logging-log4j2/actions https://logging.apache.org/logging-parent/latest/#distribution https://github.com/apache/logging-log4j2/issues https://lists.apache.org/list.html?log4j-user@logging.apache.org https://github.com/apache/logging-log4j2 https://logging.apache.org/cyclonedx/vdr.xml Bndtools biz.aQute.bnd biz.aQute.bnd.annotation 7.0.0 bnd Annotations Library required 0339bd011cf13131841417c0de7452f5 8ad279ebf0d04ea89c5ce4d934189d0d16bb6d50 a0090390963dd2092f8abb6d76092bab1696494d2e31b127f5b1b2bf29c08638 6e96cffe60466e9bd5730c93686a6ae252958be6202ba07d235239f0033b9a1cc53faad327ddaebab9eab30825b881acc6296777851028c7fad5668cbbe99c81 f51cd44911333bf7c2f58bdf7440062c138005c8332be3bf69b0ab0d9d93af4d1e1dde3a4eae5bfae92e835b70e6f561 7e93113ee29b6fbed02fbeac096582476b0b7c04703a54ecf0c3c89cab6fff06bc486d072c78f5a19e2c7da1c603b9d2 e0a35d4ec2afe652ef58a37a9f2491349527e86c7a1b37d13436fdfef77f32b2 62783affe413b5419c08008094a43e63712c65d6e4a0cd345e58e1a7c66dc32a08f2e68852d14641d30da31d665091c19571809145f769480cb0b80e0ad003e9 (Apache-2.0 OR EPL-2.0) https://opensource.org/licenses/Apache-2.0,https://opensource.org/licenses/EPL-2.0 pkg:maven/biz.aQute.bnd/biz.aQute.bnd.annotation@7.0.0?type=jar https://bnd.bndtools.org/ https://github.com/bndtools/bnd OSGi Alliance org.osgi org.osgi.resource 1.0.0 OSGi Companion Code for org.osgi.resource Version 1.0.0. required 7d857a4203e2996fab0cf070133e43df 343c88949132984b3f2d4175a72c40b77dc65619 81fc50f1f1d38a4af28e131907d4afe213249aab05060484edca0e60c4af9b4a 4e798790856f83f50832db80bfab64dfceeff1c509d7dde43e74a9f9192ea7a7d5ea77b9b1e81291fa6ba3dcef5ab8fa791ca8093a72a08d7ca6f6499e13e506 73038c395166552b64b6b5469bd8056584f48d19b5762df2e8bd2770405ed8f6071e397a87d9a7ed39f8c2e0e8ab85b2 e06c8a460b3bf06d6cb22237aeffa6afd2eadd9461096c67b768a14603ad8aaa88f891d03cf0a273a99d86906c1c8eb3 1097cfd20e80ce368fd828a23ad7c32a202cebd92106f6ebb88ba55ca74349ee d7b710e1e0484badb875f326c602c90df6705df48b0f057320919a5255d3ecbddd7053eabc68787480a70aebd7e553e9f51728112e1fa0846c849366b7e8d69b Apache-2.0 pkg:maven/org.osgi/org.osgi.resource@1.0.0?type=jar http://www.osgi.org/ https://osgi.org/git/build.git OSGi Alliance org.osgi org.osgi.service.serviceloader 1.0.0 OSGi Companion Code for org.osgi.service.serviceloader Version 1.0.0. required 4943f0102a6d893c4dd77f369a5f0537 3728ff37909c6a3c1870b3e851342d9f2bd3cc63 8f876ce2a9aa4e95b1f1952950255103e2487425050a654f3285447ba601c154 a7def4cb7a8ed992645faa80a780e0b30bd39c1587b5bcb65fe170d10842d0d880c2849edd50c64807fe0e4b9cc0051337d1b161d0d390465d9e63a762861c49 1e480694b8a541da4cd1e044d3f3ea3cd55152515ac022b80d865b6654242506c2138daabb4e71c30d36b12b9aaf676d 7f076af200ae9c2bd9f235b949aee01a1a758c8aac10fee8b98ec2497197d2029117d5627eb0eabd9b42979eb1baa009 83b1dce69c4c899176eb6e368e434ecb77dfed7c436530b8c5d08b9b6f2430aa 5debde53a7ead231dcd907467d59728f59cae4eb3b967c19808f78890bd97d2f04657cad9c093e88f9818338b0b3b38a57c66400ebcff61fbb26d18e9f7bf8ed Apache-2.0 pkg:maven/org.osgi/org.osgi.service.serviceloader@1.0.0?type=jar http://www.osgi.org/ https://osgi.org/git/build.git Google LLC com.google.errorprone error_prone_annotations 2.24.1 Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time. required 345bbebec9b3c68d2638c0f6809436dc 32b299e45105aa9b0df8279c74dc1edfcf313ff0 19fe2f7155d20ea093168527999da98108103ee546d1e8b726bc4b27c31a3c30 75a8d055b90fc2be2198d8502299b5e4f08a81d87b15334a788a719e155f006b23c3648a4574be831de932db212593a2b004584948c394adb8272ed7d5844c94 b474fabb3ed301583358187787cb89161d4ea3a5e46d66aaf4317bfa74cba0063f53872c30fbc130af505537ac72f9c3 5d5456af3f5d809c6e1fbe13b6b65c71b442dcff66e087bf1be3958e582c7565135cf61f7b3bff55cee6d27a74365d01 39119e15f4769fdd5b018c1c9cae88c78e9454e05666731e8a703f47ed903693 d25c633ed33e217d71076ecf76040c13e3d8dfcc9eda1a2300a718a8699317de0b87680bfa5e499bf8c51f133408ab24c93e47393aa8c4300e92db0d683b48d6 Apache-2.0 pkg:maven/com.google.errorprone/error_prone_annotations@2.24.1?type=jar https://errorprone.info/error_prone_annotations https://github.com/google/error-prone/error_prone_annotations Eclipse Foundation org.osgi osgi.annotation 8.1.0 OSGi Annotation Release 8, Annotations for use in compiling bundles required 3bcfab9c55a2bcc158aa4953084021b6 59d42736bcc0af2144ba5c1a12ff7c08ea4b7e12 68afeb86a5322675d4dfe3df5863c7d8a37b34c18e3a8e41553f1ab3ac15d78f a190fa888fd22c2c31455d672b3e50ca79fa9f02269b9d45f6e6fc189dc8f90d20663e290f151a851e010b52ce87e62dc5079253c3e59caa72f11ea6248ffb26 581c88a48fc7df5edae29712f943ef780fb0f32b4eee10dfcaa879f122f19fd1645b961b38bc0a97dd894d89952fdb68 ab4fab76440671def19eb0ca3370d8f0f8a915df4ec92e5aa2b9e12a4b97aa49301c51ccd28a2d2718beec6fe8105bc6 6849ce4a9cad5dbf2dce1ad817442821a633f8ae10ab1ccde69ac46d26127a46 3c3ce68b5ae1ea157f78d72a210cc152375fd8819a7c85ed5c718fbe387ffb522715e1b0dfa5094caed1e8bbe4b8fcc6d2aadd1cd3851f4c0fffebda5acaebba Apache-2.0 https://www.apache.org/licenses/LICENSE-2.0 pkg:maven/org.osgi/osgi.annotation@8.1.0?type=jar https://docs.osgi.org/ https://github.com/osgi/osgi Eclipse Foundation org.osgi org.osgi.annotation.bundle 2.0.0 OSGi Companion Code for org.osgi.annotation.bundle Version 2.0.0 required 19115314a0ce4cfb711a811dcc0be0a3 f5c2cd6e670c3c5d440d3003efd5ef2ead5c68eb b9c9546ec5be3ebc2e85ba4919150ad76d64594805282fc895133a47d264a7ae f16b8983240ba3c08d6bc78e2eae92e89eb528f32a705961d90b463def0a5ed1ba08cc3d0be38b5dcfb946c6f759df772e122fb769e58e8c20aa79a489a1fd21 88217b7d3a2d9a0a3f005162b95d68ba2bd29629688b2c32e93e4587d89fe6bd468f5c62ef422ebf2b609d402e62ff56 c7ee64dd3e235d900d01d8629b82245303d34a006e1edcd2571ef736d9c6256dcb718be326ad4909cb6d2cea26118ea9 9adcacb036caf30d17a13fcd5952a35e011678b1dbfabafdff73dba065ace8a3 76bec6bb2cdbc8da043760a7aedd51203c8d70b740c9b8de0ba6b0cf9ad991a58059566e7f62dee30606f32d267b2596d5bd5e885c73e336ae7fff6cf7f970db Apache-2.0 https://www.apache.org/licenses/LICENSE-2.0 pkg:maven/org.osgi/org.osgi.annotation.bundle@2.0.0?type=jar https://docs.osgi.org/ https://github.com/osgi/osgi Eclipse Foundation org.osgi org.osgi.annotation.versioning 1.1.2 OSGi Companion Code for org.osgi.annotation.versioning Version 1.1.2 required a61b3b8d09c85ad296c61e21bf77ec70 dc3cd4ec96c0b3c5459fe00694bd73a816ecf93e f51f235e80df8ffbc30ef1b557b6ea38a696632d675404ec117e952978b8b863 a4c612bec624a168f25f0923d51925bbc914686673eeebd5b2442998b876f05855e2b0a6e6e9aca4a6533ed3156b0d24f94c3e508ee9778e1b2e469be318afa3 68a2046f083a2e77304622a56d07c0e73ba88534af4a87b5428cebf8b638c40ce21bbac089a8b5520ad488c946b633ea 930734f6979650191d51cd8bf1f9ab4548d307950735aa98e2dbda7aecc19b49d01a3b968824f6df2ffafce65e122c60 513392d0e8ddd873d04c5cf4f402a9cfe094413832bb859fe37b70fd0512dd12 3d2bd7d2eb784a9fab4b09c42adb0722363079235340f1915bb82a99f1c5e616ee8f3dc34d2c90b941d2651dcb4f393c7fea3e23b579456a696604148d10f22b Apache-2.0 https://www.apache.org/licenses/LICENSE-2.0 pkg:maven/org.osgi/org.osgi.annotation.versioning@1.1.2?type=jar https://docs.osgi.org/ https://github.com/osgi/osgi com.github.spotbugs spotbugs-annotations 4.8.3 Annotations the SpotBugs tool supports required cd5917b77643c3a7ba5420aea78f940c 05d2dc4ca5b632976371155252499819aea372ed e5d4f60be8e57595766ba7f1d4535dc46aebf98dae05e16372a4d4120d3ebb6b 1a64f6911a94654d440ce4918395af0cbdee79696acbcf727af79134b02e6be17956fffa8f39e05fa9e22e336041443eb31165b338164b48a1c70f947e66d68b 6875428ea8454185df4ac50b6551f9d9ba7d9152083eec2ecc5046aa464767982abfe0733c258f2dfed9fc3f2ad68add 25422667753a299021150558bf094a6bd5a521a0b736d94866f807f3246b11a0574e9e480f85c7a894258979afdaedd4 116a3c20fdd3253ab1cfc1bdc95c8d4eb3c454b3f7d89af1d2b87bde4b890c88 0e9ee42600abe9496fedc2d82cd71e51fd05f26c0094c1710025d3931b79507a3502a9f9e83fddefeb6ed784123c7faa7251bd58368e78cdcc218481cd05045d LGPL-2.1-only pkg:maven/com.github.spotbugs/spotbugs-annotations@4.8.3?type=jar https://spotbugs.github.io/ https://github.com/spotbugs/spotbugs/ com.google.code.findbugs jsr305 3.0.2 JSR305 Annotations for Findbugs required dd83accb899363c32b07d7a1b2e4ce40 25ea2e8b0c338a877313bd4672d3fe056ea78f0d 766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7 bb09db62919a50fa5b55906013be6ca4fc7acb2e87455fac5eaf9ede2e41ce8bbafc0e5a385a561264ea4cd71bbbd3ef5a45e02d63277a201d06a0ae1636f804 ca0b169d3eb2d0922dc031133a021f861a043bb3e405a88728215fd6ff00fa52fdc7347842dcc2031472e3726164bdc4 9903fd7505218999f8262efedb3d935d64bcef84aae781064ab5e1b24755466b269517cada562fa140cd1d417ede57a1 223fda9a89a461afaae73b177a2dc20ed4a90f2f8757f5c65f3241b0510f00ff 3996b5af57a5d5c6a0cd62b11773360fb051dd86a2ba968476806a2a5d32049b82d69a24a3c694e8fe4d735be6a28e41000cc500cc2a9fb577e058045855d2d6 Apache-2.0 pkg:maven/com.google.code.findbugs/jsr305@3.0.2?type=jar http://findbugs.sourceforge.net/ https://oss.sonatype.org/service/local/staging/deploy/maven2/ https://code.google.com/p/jsr-305/