Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

 Sponsor

Project: 

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
HTMLToPDF-2.1.10.jar: commons-logging-1.2.jarpkg:maven/commons-logging/commons-logging@1.2 0116
HTMLToPDF-2.1.10.jar: fontbox-2.0.29.jarpkg:maven/org.apache.pdfbox/fontbox@2.0.29 034
HTMLToPDF-2.1.10.jar: graphics2d-0.43.jarpkg:maven/de.rototor.pdfbox/graphics2d@0.43 024
HTMLToPDF-2.1.10.jar: icu4j-73.2.jarcpe:2.3:a:icu-project:international_components_for_unicode:73.2:*:*:*:*:*:*:*
cpe:2.3:a:unicode:international_components_for_unicode:73.2:*:*:*:*:*:*:*
pkg:maven/com.ibm.icu/icu4j@73.2 0Low85
HTMLToPDF-2.1.10.jar: jsoup-1.16.1.jarcpe:2.3:a:jsoup:jsoup:1.16.1:*:*:*:*:*:*:*pkg:maven/org.jsoup/jsoup@1.16.1 0Highest39
HTMLToPDF-2.1.10.jar: log4j-core-2.20.0.jarcpe:2.3:a:apache:log4j:2.20.0:*:*:*:*:*:*:*pkg:maven/org.apache.logging.log4j/log4j-core@2.20.0 0Highest40
HTMLToPDF-2.1.10.jar: openhtmltopdf-core-1.0.10.jarpkg:maven/com.openhtmltopdf/openhtmltopdf-core@1.0.10 024
HTMLToPDF-2.1.10.jar: openhtmltopdf-pdfbox-1.0.10.jarcpe:2.3:a:apache:pdfbox:1.0.10:*:*:*:*:*:*:*pkg:maven/com.openhtmltopdf/openhtmltopdf-pdfbox@1.0.10 0High20
HTMLToPDF-2.1.10.jar: openhtmltopdf-rtl-support-1.0.10.jarpkg:maven/com.openhtmltopdf/openhtmltopdf-rtl-support@1.0.10 022
HTMLToPDF-2.1.10.jar: pdfbox-2.0.29.jarcpe:2.3:a:apache:pdfbox:2.0.29:*:*:*:*:*:*:*pkg:maven/org.apache.pdfbox/pdfbox@2.0.29 0Highest32
HTMLToPDF-2.1.10.jar: xmpbox-2.0.29.jarcpe:2.3:a:apache:pdfbox:2.0.29:*:*:*:*:*:*:*pkg:maven/org.apache.pdfbox/xmpbox@2.0.29 0Highest32
HTMLToPDF-2.1.10.jar 011

Dependencies (vulnerable)

HTMLToPDF-2.1.10.jar: commons-logging-1.2.jar

Description:

Apache Commons Logging is a thin adapter allowing configurable bridging to other,
    well known logging systems.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\u405334\Documents\Plugins\dependency-check\HTMLToPDF-2.1.10.jar\META-INF\lib\commons-logging-1.2.jar
MD5: 040b4b4d8eac886f6b4a2a3bd2f31b00
SHA1: 4bfc12adfe4842bf07b657f0369c4cb522955686
SHA256:daddea1ea0be0f56978ab3006b8ac92834afeefbd9b7e4e6316fca57df0fa636

Identifiers

HTMLToPDF-2.1.10.jar: fontbox-2.0.29.jar

Description:

    The Apache FontBox library is an open source Java tool to obtain low level information
    from font files. FontBox is a subproject of Apache PDFBox.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\u405334\Documents\Plugins\dependency-check\HTMLToPDF-2.1.10.jar\META-INF\lib\fontbox-2.0.29.jar
MD5: a72b60d8c93807ba29c4d24cc09d58a3
SHA1: 6e0cd64e30d019d8b98cba9201b979934e4cdae6
SHA256:a4efc56064dd34caf8f38a192c04b32422c72ef3c964c0fbbbe8a6b4564d2830

Identifiers

HTMLToPDF-2.1.10.jar: graphics2d-0.43.jar

Description:

Graphics2D Bridge for Apache PDFBox

File Path: C:\Users\u405334\Documents\Plugins\dependency-check\HTMLToPDF-2.1.10.jar\META-INF\lib\graphics2d-0.43.jar
MD5: a2d286e16c0d6cdd2c3ab807389880ed
SHA1: 4593312943493cc04bd14ca4127e8430fafdcd68
SHA256:054c48c1d0a1c53d173e157ccfed65c51945f0597e3aa1bf91f28ac8076931ce

Identifiers

HTMLToPDF-2.1.10.jar: icu4j-73.2.jar

Description:

    International Component for Unicode for Java (ICU4J) is a mature, widely used Java library
    providing Unicode and Globalization support 
  

License:

Unicode/ICU License: https://raw.githubusercontent.com/unicode-org/icu/main/icu4c/LICENSE
File Path: C:\Users\u405334\Documents\Plugins\dependency-check\HTMLToPDF-2.1.10.jar\META-INF\lib\icu4j-73.2.jar
MD5: 23a23de561dd4f83e13d46e7273a35de
SHA1: 61ad4ef7f9131fcf6d25c34b817f90d6da06c9e9
SHA256:29280822f4b0796acef1f79b90b1d0c1edd86c10e876a848e04b8a6298a16bf9

Identifiers

  • pkg:maven/com.ibm.icu/icu4j@73.2  (Confidence:High)
  • cpe:2.3:a:icu-project:international_components_for_unicode:73.2:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:unicode:international_components_for_unicode:73.2:*:*:*:*:*:*:*  (Confidence:Low)  

HTMLToPDF-2.1.10.jar: jsoup-1.16.1.jar

Description:

jsoup is a Java library for working with real-world HTML. It provides a very convenient API for fetching URLs and extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers do.

License:

The MIT License: https://jsoup.org/license
File Path: C:\Users\u405334\Documents\Plugins\dependency-check\HTMLToPDF-2.1.10.jar\META-INF\lib\jsoup-1.16.1.jar
MD5: ed35af29909c856c8ee4c4001d660e0f
SHA1: ae551410a16433984cd4a8603622fafa9d8299f0
SHA256:1f115726540ddf71958c14bc517ebfc49cf481e91cd917b0face84f01272e901

Identifiers

HTMLToPDF-2.1.10.jar: log4j-core-2.20.0.jar

Description:

The Apache Log4j Implementation

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\u405334\Documents\Plugins\dependency-check\HTMLToPDF-2.1.10.jar\META-INF\lib\log4j-core-2.20.0.jar
MD5: 20bd40d026d35a93fe710acb141e93da
SHA1: eb2a9a47b1396e00b5eee1264296729a70565cc0
SHA256:6137df848cdaed9f4d5076f75513c6c85da80b953f4e7acca38098b770763f55

Identifiers

HTMLToPDF-2.1.10.jar: openhtmltopdf-core-1.0.10.jar

Description:

Open HTML to PDF is a CSS 2.1 renderer written in Java.  This artifact contains the core rendering and layout code.

License:

GNU Lesser General Public License (LGPL), version 2.1 or later: http://www.gnu.org/licenses/lgpl.html
File Path: C:\Users\u405334\Documents\Plugins\dependency-check\HTMLToPDF-2.1.10.jar\META-INF\lib\openhtmltopdf-core-1.0.10.jar
MD5: 3a71c751b039576e64db702941185600
SHA1: cab5dcb31834bd86ffb1b1f82811a37fcea63cd2
SHA256:3e6fd2250d833d500b7cd48b7a896700d0c33bd9f77a219e820493b01566eda3

Identifiers

HTMLToPDF-2.1.10.jar: openhtmltopdf-pdfbox-1.0.10.jar

Description:

Openhtmltopdf is a CSS 2.1 renderer written in Java. This artifact supports PDF output with Apache PDF-BOX 2.

License:

GNU Lesser General Public License (LGPL), version 2.1 or later: http://www.gnu.org/licenses/lgpl.html
File Path: C:\Users\u405334\Documents\Plugins\dependency-check\HTMLToPDF-2.1.10.jar\META-INF\lib\openhtmltopdf-pdfbox-1.0.10.jar
MD5: 1a0db19be8e308ae5326833e7e08b674
SHA1: 4041442fda47e760985cea8005d51a830031420f
SHA256:7de90df1b3ecf84e6f0daf808d724c11142007a2f22bff1936479bf17251d31a

Identifiers

HTMLToPDF-2.1.10.jar: openhtmltopdf-rtl-support-1.0.10.jar

Description:

Open HTML to PDF is a CSS 2.1 renderer written in Java.  This artifact supports right-to-left text mixed with left-to-right text.

License:

GNU Lesser General Public License (LGPL), version 2.1 or later: http://www.gnu.org/licenses/lgpl.html
File Path: C:\Users\u405334\Documents\Plugins\dependency-check\HTMLToPDF-2.1.10.jar\META-INF\lib\openhtmltopdf-rtl-support-1.0.10.jar
MD5: b4d6e661e1abfd71335963dde9a3f347
SHA1: 074232c12ffb569ae287c6d0d983811880d7172f
SHA256:5675c0b56d613b15446f9d0922d89781af48f05331326a87bdb3d1775c703215

Identifiers

HTMLToPDF-2.1.10.jar: pdfbox-2.0.29.jar

Description:

        The Apache PDFBox library is an open source Java tool for working with PDF documents.
    

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\u405334\Documents\Plugins\dependency-check\HTMLToPDF-2.1.10.jar\META-INF\lib\pdfbox-2.0.29.jar
MD5: abbc429999c3b2522f1055ddde2b5111
SHA1: 875ee3970cc5000bc33e2daa427a07174482ca5a
SHA256:69728a41a6e9feb98399560a31c1fe1b6467a66d1a8e33e677da24fda9263937

Identifiers

HTMLToPDF-2.1.10.jar: xmpbox-2.0.29.jar

Description:

    The Apache XmpBox library is an open source Java tool that implements Adobe's XMP(TM)
    specification. It can be used to parse, validate and create xmp contents.
    It is mainly used by subproject preflight of Apache PDFBox. 
    XmpBox is a subproject of Apache PDFBox.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\u405334\Documents\Plugins\dependency-check\HTMLToPDF-2.1.10.jar\META-INF\lib\xmpbox-2.0.29.jar
MD5: 0cf6b5fbe539373c3bab5bb2f0e65b18
SHA1: 142545d81d6738541df9736df479f84ecd58950a
SHA256:a2b499010d5e5fc6996d759f8d126bd8da522b5892d8c1f9863e5c349ac2433d

Identifiers

HTMLToPDF-2.1.10.jar

File Path: C:\Users\u405334\Documents\Plugins\dependency-check\HTMLToPDF-2.1.10.jar
MD5: e27efe067cb120b436a8f5191b266886
SHA1: a063ab4cf49292cb802ec2ef66e7dc0c47089847
SHA256:63d1db4cb921faa004f95a63743e9369e4a1718d848b1b6d33f753e027bee9dd

Identifiers

  • None


This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the CISA Known Exploited Vulnerability Catalog.
This report may contain data retrieved from the Github Advisory Database (via NPM Audit API).
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.