Dependency-Check Maven Plugin

Dependency-Check-Maven is a Maven Plugin that attempts to detect publicly disclosed vulnerabilities contained within project dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries.

Homepage POM file JAR file Javadoc

'org.owasp:dependency-check-maven:1.2.2'

<dependency>
	<groupId>org.owasp</groupId>
	<artifactId>dependency-check-maven</artifactId>
	<version>1.2.2</version>
</dependency>

<dependency org="org.owasp" name="dependency-check-maven" rev="1.2.2"/>

"org.owasp", "dependency-check-maven", "1.2.2"

Dependencies

Compile dependencies

org.apache.maven » maven-core » 3.0
org.apache.maven » maven-plugin-api » 3.0
org.apache.maven » maven-settings » 3.0
org.apache.maven.plugin-tools » maven-plugin-annotations » 3.0
org.apache.maven.plugins » maven-site-plugin » 3.0
org.apache.maven.reporting » maven-reporting-api » 3.0
org.owasp » dependency-check-core » 1.2.2
org.owasp » dependency-check-utils » 1.2.2

Test dependencies

junit » junit » 4.11
org.apache.maven.plugin-testing » maven-plugin-testing-harness » 2.1