Dependency-Check Core

Σημείωση: Υπάρχει μια νέα έκδοση για αυτό το τεχνούργημα: 10.0.1

Dependency-Check Core

dependency-check-core is the engine and reporting tool used to identify and report if there are any known, publicly disclosed vulnerabilities in the scanned project's dependencies. The engine extracts meta-data from the dependencies and uses this to do fuzzy key-word matching against the Common Platfrom Enumeration (CPE), if any CPE identifiers are found the associated Common Vulnerability and Exposure (CVE) entries are added to the generated report.

<dependency>
    <groupId>org.owasp</groupId>
    <artifactId>dependency-check-core</artifactId>
    <version>6.1.6</version>
</dependency>

compile group: 'org.owasp', name: 'dependency-check-core', version: '6.1.6'

compile 'org.owasp:dependency-check-core:6.1.6'

libraryDependencies += "org.owasp" % "dependency-check-core" % "6.1.6"

<dependency org="org.owasp" name="dependency-check-core" rev="6.1.6"/>

@Grapes(
            @Grab(group='org.owasp', module='dependency-check-core', version='6.1.6')
        )

[org.owasp/dependency-check-core "6.1.6"]

'org.owasp:dependency-check-core:jar:6.1.6'

Compile εξαρτήσεις (31)

Ομάδα / Τεχνούργημα	Έκδοση	Νεότερη Έκδοση
org.apache.commons » commons-text	1.9	NA
com.fasterxml.jackson.core » jackson-databind	2.12.3	2.17.1
org.apache.lucene » lucene-core	8.8.2	9.9.1
org.apache.lucene » lucene-analyzers-common	8.8.2	8.10.1
com.h2database » h2	1.4.199	2.1.210
org.apache.lucene » lucene-queryparser	8.8.2	9.9.1
com.fasterxml.jackson.module » jackson-module-afterburner	2.12.3	2.17.1
com.github.package-url » packageurl-java	1.2.0	1.4.2
org.jsoup » jsoup	1.13.1	1.17.1
commons-validator » commons-validator	1.7	NA
com.google.guava » guava	30.1.1-jre	33.0.0-jre
com.moandjiezana.toml » toml4j	0.7.2	NA
org.slf4j » slf4j-api	1.7.30	2.0.12
org.apache.commons » commons-lang3	3.12.0	NA
commons-io » commons-io	2.8.0	2.11.0
com.vdurmont » semver4j	3.1.0	NA
org.apache.velocity » velocity-engine-core	2.3	NA
org.anarres.jdiagnostics » jdiagnostics	1.0.6	1.0.7
us.springett » cpe-parser	2.0.2	2.0.3
org.sonatype.ossindex » ossindex-service-client	1.7.0	1.8.0
org.whitesource » pecoff4j	0.0.2.1	NA
org.apache.commons » commons-compress	1.20	1.21
commons-collections » commons-collections	3.2.2	NA
org.apache.commons » commons-jcs-core	2.2.1	NA
com.h3xstream.retirejs » retirejs-core	3.0.2	3.0.3
org.jetbrains » annotations	20.1.0	24.0.0
org.owasp » dependency-check-utils	6.1.6	10.0.1
com.hankcs » aho-corasick-double-array-trie	1.2.2	1.2.3
org.glassfish » javax.json	1.1.4	RELEASE
commons-beanutils » commons-beanutils	1.9.4	NA
com.github.spotbugs » spotbugs-annotations	4.2.3	4.8.6

Test εξαρτήσεις (27)

Ομάδα / Τεχνούργημα	Έκδοση	Νεότερη Έκδοση
org.dojotoolkit » dojo-war	1.3.0	1.17.3
org.apache.lucene » lucene-test-framework	8.8.2	9.9.1
org.springframework » spring-webmvc	2.5.5	6.0.22
org.apache.geronimo.daytrader » daytrader-ear	2.1.7	NA
ch.qos.logback » logback-classic	1.2.3	1.5.5
uk.ltd.getahead » dwr	1.1.1	NA
org.jslipc » jslipc	0.2.0	0.2.3
org.apache.openjpa » openjpa	2.0.1	3.2.0
com.hazelcast » hazelcast	2.5	5.3.5
org.apache.maven.scm » maven-scm-provider-cvsexe	1.8.1	1.11.2
org.springframework.security » spring-security-web	3.0.0.RELEASE	6.2.4
org.apache.axis2 » axis2-spring	1.4.1	1.7.8
com.google.inject » guice	3.0	7.0.0
org.mockito » mockito-core	3.9.0	5.12.0
org.mortbay.jetty » jetty	6.1.0	6.1.26
commons-fileupload » commons-fileupload	1.2.1	1.4
com.thoughtworks.xstream » xstream	1.4.8	1.4.18
junit » junit	4.13.2	NA
net.sf.ehcache » ehcache-core	2.2.0	RELEASE
org.springframework.retry » spring-retry	1.1.0.RELEASE	2.0.5
org.apache.axis2 » axis2-adb	1.4.1	1.7.8
xalan » xalan	2.7.0	2.7.2
org.hamcrest » hamcrest-core	2.2	NA
org.jmockit » jmockit	1.49	NA
org.glassfish.main.admingui » war	4.0	6.2.2
org.apache.struts » struts2-core	2.1.2	2.5.26
io.github.faob-dev » aar	1.0.0	NA