A maven plugin by OWASP that checks if there are CVEs for any of the plugins used in a maven project:
$ mvn org.owasp:dependency-check-maven:check |
A very preliminary view shows there are false positives.
Surrender your ego
A maven plugin by OWASP that checks if there are CVEs for any of the plugins used in a maven project:
$ mvn org.owasp:dependency-check-maven:check |
A very preliminary view shows there are false positives.