diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
index df50edb21..588536842 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.java
@@ -440,34 +440,32 @@ public class FalsePositiveAnalyzer extends AbstractAnalyzer {
 * @param dependency the dependency that might be a duplicate
 * @param engine the engine used to scan all dependencies
 */
- private void removeDuplicativeEntriesFromJar(Dependency dependency, Engine engine) {
+ private synchronized void removeDuplicativeEntriesFromJar(Dependency dependency, Engine engine) {
 if (dependency.getFileName().toLowerCase().endsWith("pom.xml") || DLL_EXE_FILTER.accept(dependency.getActualFile())) {
 String parentPath = dependency.getFilePath().toLowerCase();
 if (parentPath.contains(".jar")) {
 parentPath = parentPath.substring(0, parentPath.indexOf(".jar") + 4);
 final List dependencies = engine.getDependencies();
- synchronized (dependencies) {
- final Dependency parent = findDependency(parentPath, dependencies);
- if (parent != null) {
- boolean remove = false;
- for (Identifier i : dependency.getIdentifiers()) {
- if ("cpe".equals(i.getType())) {
- final String trimmedCPE = trimCpeToVendor(i.getValue());
- for (Identifier parentId : parent.getIdentifiers()) {
- if ("cpe".equals(parentId.getType()) && parentId.getValue().startsWith(trimmedCPE)) {
- remove |= true;
- }
+ final Dependency parent = findDependency(parentPath, dependencies);
+ if (parent != null) {
+ boolean remove = false;
+ for (Identifier i : dependency.getIdentifiers()) {
+ if ("cpe".equals(i.getType())) {
+ final String trimmedCPE = trimCpeToVendor(i.getValue());
+ for (Identifier parentId : parent.getIdentifiers()) {
+ if ("cpe".equals(parentId.getType()) && parentId.getValue().startsWith(trimmedCPE)) {
+ remove |= true;
 }
 }
- if (!remove) { //we can escape early
- return;
- }
 }
- if (remove) {
- dependencies.remove(dependency);
+ if (!remove) { //we can escape early
+ return;
 }
 }
+ if (remove) {
+ dependencies.remove(dependency);
+ }
 }
 }
 }
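Review bot: Moving the lock from `synchronized (dependencies)` onto the method means the critical section now guards the FalsePositiveAnalyzer instance rather than the shared list returned by `engine.getDependencies()`, so `findDependency(parentPath, dependencies)` and `dependencies.remove(dependency)` are no longer excluded against any other thread that iterates or mutates that list — unless the engine hands out a synchronized or concurrent collection, which nothing in this hunk shows. If another analyzer works on the same engine concurrently, the removal can race with its iteration (a ConcurrentModificationException or a lost removal), and the method-level monitor does nothing to prevent that. The same relocation is made in VersionFilterAnalyzer (the two hunks below), where `versionEvidence` is now mutated through `itr.remove()` under the analyzer's monitor instead of the collection's. Either keep the collection-level lock, `synchronized (dependencies) { ... }` around the lookup and the removal, or document on the method which lock is assumed to protect the engine's dependency list. The method's closing brace appears to lie outside this hunk.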
diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java
index 23002517e..3c1c1526b 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/analyzer/VersionFilterAnalyzer.java
@@ -126,7 +126,7 @@ public class VersionFilterAnalyzer extends AbstractAnalyzer {
 * the dependency.
 */
 @Override
- protected void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
+ protected synchronized void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
 String fileVersion = null;
 String pomVersion = null;
 String manifestVersion = null;
@@ -151,16 +151,14 @@ public class VersionFilterAnalyzer extends AbstractAnalyzer {
 if (fileMatch || manifestMatch || pomMatch) {
 LOGGER.debug("filtering evidence from {}", dependency.getFileName());
 final EvidenceCollection versionEvidence = dependency.getVersionEvidence();
- synchronized (versionEvidence) {
- final Iterator itr = versionEvidence.iterator();
- while (itr.hasNext()) {
- final Evidence e = itr.next();
- if (!(pomMatch && VERSION.equals(e.getName())
- && (NEXUS.equals(e.getSource()) || CENTRAL.equals(e.getSource()) || POM.equals(e.getSource())))
- && !(fileMatch && VERSION.equals(e.getName()) && FILE.equals(e.getSource()))
- && !(manifestMatch && MANIFEST.equals(e.getSource()) && IMPLEMENTATION_VERSION.equals(e.getName()))) {
- itr.remove();
- }
+ final Iterator itr = versionEvidence.iterator();
+ while (itr.hasNext()) {
+ final Evidence e = itr.next();
+ if (!(pomMatch && VERSION.equals(e.getName())
+ && (NEXUS.equals(e.getSource()) || CENTRAL.equals(e.getSource()) || POM.equals(e.getSource())))
+ && !(fileMatch && VERSION.equals(e.getName()) && FILE.equals(e.getSource()))
+ && !(manifestMatch && MANIFEST.equals(e.getSource()) && IMPLEMENTATION_VERSION.equals(e.getName()))) {
+ itr.remove();
 }
 }
 }
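Review bot: The triple-negated predicate that decides `itr.remove()` is hard to read as re-indented here, and nothing states the rule it encodes; a one-line comment above the `if` would help the next maintainer: `// keep only the version evidence whose source agrees with the version that matched (pom/central/nexus, file name, or manifest); drop everything else`. The `synchronized` that used to sit on `versionEvidence` has moved to `analyzeDependency` in the hunk above, which is worth noting in that comment as well, since the loop still mutates the collection through the iterator. The enclosing `analyzeDependency` body starts before this hunk.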