Check if you have vulnerable maven dependencies

A maven plugin by OWASP that checks if there are CVEs for any of the plugins used in a maven project:

$ mvn org.owasp:dependency-check-maven:check

A very preliminary view shows there are false positives.

Leave a Reply

Your email address will not be published.

Notify me of followup comments via e-mail. You can also subscribe without commenting.

This site uses Akismet to reduce spam. Learn how your comment data is processed.