jeremylong DependencyCheck issues

jeremylong / DependencyCheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

https://owasp.org/www-project-dependency-check/

Apache License 2.0

6.46k stars 1.28k forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Continued Java 8 support

#7182 theangrydev opened 30 minutes ago
0
Make NvdCveClientBuilder.withThreadCount configurable from CLI

#7181 hoerup opened 56 minutes ago
0
Allow incremental NVD updates

#7180 marcelstoer opened 5 hours ago
15
[FP]: CVE-2024-47554 reported on Pax-Url-Ather

#7179 karthickm512 opened 7 hours ago
1
NVD API request failures

#7178 scumtydo opened 15 hours ago
11
fix: rework replaceOrAddVulnerability

#7177 jeremylong opened 1 day ago
0
docs: update gradle configuration documentation

#7176 jeremylong closed 3 hours ago
0
[FP]: Mitigation for CVE-2024-49580 was backported to Ktor 2.3.13, but is still being flagged on that version

#7175 volkert-fastned opened 1 day ago
1
Execution default-cli of goal org.owasp:dependency-check-maven:11.1.0:check failed: Cannot invoke "org.apache.maven.artifact.versioning.VersionRange.hasRestrictions()" because "vr" is null

#7174 G1732181641 opened 1 day ago
2
Explicitly loaded driver org.h2.Driver from classpath; if JDBCv4 service loading is supported by the driver you should remove the dbDriver configuration

#7173 patpatpat123 closed 1 day ago
2
dependency-check 11.1.0 returns 0 dependencies on a local bitbucket repo

#7172 czaczaja opened 2 days ago
1
[FP]: System.Text.Jsonv9.0.0

#7171 mattbatchelorbdc closed 1 day ago
5
build(deps): bump commons-io:commons-io from 2.17.0 to 2.18.0

#7170 dependabot[bot] opened 2 days ago
0
fix: 7093 add username/password properties to be able to authenticate for central.content.url and analyzer.central.url again

#7169 drijkersbq opened 2 days ago
6
Gradle version compatibility with Java 8

#7168 EddeCCC closed 2 days ago
3
build: remove unused sonar plugin

#7167 jeremylong closed 1 day ago
0
[FP]: pkg:maven/org.springframework/spring-web@6.1.14

#7166 kajh closed 5 days ago
6
Include unused suppression rules in output report

#7165 gtaylor1981 opened 6 days ago
2
NVD database cannot update, making dependencycheck unusable

#7164 rudolphi opened 1 week ago
1
[ERROR] Error updating the NVD Data & [ERROR] Failed to initialize the RetireJS repo & Host name must not contain blanks

#7163 hoangtubongdem153 opened 1 week ago
2
Scan task report error

#7162 topsekadmin closed 4 days ago
1
[FP]: pkg:pypi/python-gitlab cpe:2.3:a:gitlab:gitlab:5.0.0:*:*:*:*:*:*:*

#7161 NioXen opened 1 week ago
1
Use JDK set in tools section of the pipeline instead of Jenkins JVM

#7160 joelroyer closed 1 week ago
3
Experimental Python analyzers incorrectly identify vulnerabilities for a package (python-gitlab)

#7159 NioXen closed 1 week ago
5
Does scanning support source code or does it need to be packaged

#7158 topsekadmin closed 1 week ago
1
build(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.17.1 to 2.18.0

#7157 dependabot[bot] closed 1 day ago
0
Fix CVE on this plugin itself

#7156 jycr opened 1 week ago
0
fix: do not log loading of JDBC driver

#7155 jeremylong closed 1 week ago
0
`dependency-check-maven:11.1.0:aggregate` produces a HTML report that says `dependency-check version: 10.0.4`.

#7154 wilx closed 1 week ago
2
build(deps): bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.5 to 4.8.6.6

#7153 dependabot[bot] closed 1 week ago
0
folders on the C root directory return an exception

#7152 visccyberacct opened 1 week ago
1
Publication & version output

#7151 Chelseasweeney07 opened 1 week ago
3
chore: add chad as a FP approver

#7150 jeremylong closed 1 week ago
1
build(deps): bump JamesIves/github-pages-deploy-action from 4.6.8 to 4.6.9

#7149 dependabot[bot] closed 1 week ago
0
build(deps): Update codeql-action to v3

#7148 aikebah closed 1 week ago
1
fix: expose flag to disable version check

#7147 jeremylong closed 1 week ago
0
Unused Suppression Rule reporting bundled(?) suppressions

#7146 OrangeDog closed 1 week ago
4
[FP]: False positive for apache-el-11.0.0.jar against multiple jetty 11 CVE's

#7145 vbode closed 1 week ago
4
build(deps): bump golang from 1.23.2-alpine to 1.23.3-alpine

#7144 dependabot[bot] closed 1 week ago
0
docs: update documentation for Gradle plugin

#7143 tylervz closed 1 week ago
2
Please add option to disable version-check to CLI

#7142 malice00 closed 1 week ago
0
DependencyCheck >10 Causes bootBuildImage Task to Fail with Buildpack

#7141 tomaaron opened 2 weeks ago
6
java.lang.NoSuchMethodError: com.fasterxml.jackson.databind.util.NativeImageUtil.isInNativeImage()Z

#7140 Aravind202leo closed 1 week ago
3
fix: use CPE target_sw to populate ecosystem to reduce FP

#7139 jeremylong opened 2 weeks ago
1
chore: cleanup base suppression

#7138 jeremylong closed 1 week ago
0
fix(fp): Consolidate duplicate jetcd suppression and ensure considered base suppressions

#7137 chadlwilson closed 2 weeks ago
0
build(deps): bump org.sonarsource.scanner.maven:sonar-maven-plugin from 4.0.0.4121 to 5.0.0.4389

#7136 dependabot[bot] closed 4 days ago
4
When building a report using the maven pluging, make the maven coordinate reference displayed under section "Project: [some tile]" optional

#7135 tblaszlo closed 2 weeks ago
2
build(deps): bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.1 to 3.5.2

#7134 dependabot[bot] closed 2 weeks ago
0
build(deps): bump org.apache.maven.plugins:maven-javadoc-plugin from 3.10.1 to 3.11.1

#7133 dependabot[bot] closed 2 weeks ago
0