diff --git a/dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java b/dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java
index 3de3f99ee..8d8f01cd1 100644
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java
@@ -21,7 +21,6 @@ import java.io.Serializable;
 import java.util.Set;
 import java.util.SortedSet;
 import java.util.TreeSet;
-import java.util.Iterator;
 
 /**
  * Contains the information about a vulnerability.
@@ -390,15 +389,15 @@ public class Vulnerability implements Serializable, Comparable<Vulnerability> {
         final StringBuilder sb = new StringBuilder("Vulnerability ");
         sb.append(this.name);
         sb.append("\nReferences:\n");
-        for (Iterator i = this.references.iterator(); i.hasNext();) {
+        for (Reference reference : this.references) {
           sb.append("=> ");
-          sb.append(i.next());
+          sb.append(reference);
           sb.append("\n");
         }
         sb.append("\nSoftware:\n");
-        for (Iterator i = this.vulnerableSoftware.iterator(); i.hasNext();) {
+        for (VulnerableSoftware software : this.vulnerableSoftware) {
           sb.append("=> ");
-          sb.append(i.next());
+          sb.append(software);
           sb.append("\n");
         }
         return sb.toString();