Dependency-Check Core

Note: There is a new version for this artifact: 10.0.1

Dependency-Check Core

dependency-check-core is the engine and reporting tool used to identify and report if there are any known, publicly disclosed vulnerabilities in the scanned project's dependencies. The engine extracts meta-data from the dependencies and uses this to do fuzzy key-word matching against the Common Platfrom Enumeration (CPE), if any CPE identifiers are found the associated Common Vulnerability and Exposure (CVE) entries are added to the generated report.

<dependency>
    <groupId>org.owasp</groupId>
    <artifactId>dependency-check-core</artifactId>
    <version>1.3.0</version>
</dependency>

compile group: 'org.owasp', name: 'dependency-check-core', version: '1.3.0'

compile 'org.owasp:dependency-check-core:1.3.0'

libraryDependencies += "org.owasp" % "dependency-check-core" % "1.3.0"

<dependency org="org.owasp" name="dependency-check-core" rev="1.3.0"/>

@Grapes(
            @Grab(group='org.owasp', module='dependency-check-core', version='1.3.0')
        )

[org.owasp/dependency-check-core "1.3.0"]

'org.owasp:dependency-check-core:jar:1.3.0'

Compile dependencies (14)

Group / Artifact	Version	Newer Version
com.h2database » h2	1.3.176	2.1.210
org.slf4j » slf4j-ext	1.7.12	2.0.12
org.slf4j » slf4j-api	1.7.12	2.0.12
com.google.code.findbugs » annotations	3.0.0	3.0.1u2
org.apache.commons » commons-compress	1.9	1.21
org.owasp » dependency-check-utils	1.3.0	10.0.1
org.apache.velocity » velocity	1.7	NA
commons-io » commons-io	2.4	2.11.0
org.apache.lucene » lucene-core	4.7.2	9.9.1
commons-lang » commons-lang	2.6	NA
org.apache.lucene » lucene-queryparser	4.7.2	9.9.1
org.apache.lucene » lucene-analyzers-common	4.7.2	8.10.1
org.jsoup » jsoup	1.7.2	1.17.1
com.sun.mail » mailapi	1.5.2	1.6.7

Test dependencies (22)

Group / Artifact	Version	Newer Version
net.sf.ehcache » ehcache-core	2.2.0	RELEASE
org.apache.geronimo.daytrader » daytrader-ear	2.1.7	NA
org.dojotoolkit » dojo-war	1.3.0	1.17.3
org.springframework » spring-webmvc	2.5.5	6.0.22
junit » junit	4.12	4.13.2
ch.qos.logback » logback-core	1.1.3	1.5.2
org.mortbay.jetty » jetty	6.1.0	6.1.26
com.google.inject » guice	3.0	7.0.0
org.apache.maven.scm » maven-scm-provider-cvsexe	1.8.1	1.11.2
org.jmockit » jmockit	1.16	1.49
org.springframework.security » spring-security-web	3.0.0.RELEASE	6.2.4
org.springframework.retry » spring-retry	1.1.0.RELEASE	2.0.5
ch.qos.logback » logback-classic	1.1.3	1.5.5
org.apache.struts » struts2-core	2.1.2	2.5.26
org.apache.axis2 » axis2-spring	1.4.1	1.7.8
com.hazelcast » hazelcast	2.5	5.3.5
org.apache.openjpa » openjpa	2.0.1	3.2.0
org.glassfish.main.admingui » war	4.0	6.2.2
org.apache.lucene » lucene-test-framework	4.7.2	9.9.1
org.apache.axis2 » axis2-adb	1.4.1	1.7.8
uk.ltd.getahead » dwr	1.1.1	NA
org.hamcrest » hamcrest-core	1.3	2.2