Skip to content

DependencyCheck is a utility that attempts to detect publically disclosed vulnerabilities in project dependencies.

License

Notifications You must be signed in to change notification settings

dancornell/DependencyCheck

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

About:
DependencyCheck is a utility that attempts to detect publically disclosed
vulnerabilities contained within project dependencies. It does this by determining
if there is a Common Platform Enumeration (CPE) identifier for a given dependency. 
If found, it will generate a report linking to the associated CVE entries. 

Usage:
$ mvn package
$ cd target
$ java -jar dependencycheck-0.1.1.jar -h
$ java -jar DependencyCheck-0.1.1.jar -a Testing -out . -scan ./test-classes/org.mortbay.jetty.jar -scan struts2-core-2.1.2.jar -scan ./lib


Author: Jeremy Long ([email protected])

Copyright (c) 2012 Jeremy Long. All Rights Reserved.

About

DependencyCheck is a utility that attempts to detect publically disclosed vulnerabilities in project dependencies.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published