Details
-
Improvement
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
None
-
None
-
None
-
None
Description
mvn compile org.sonatype.ossindex.maven:ossindex-maven-plugin:audit
Result on all modules is a CVSS-score threshold: 0.0
In contrast: IIRC the owasp dependency plugin gave several false positives.
We should consider to add this to the maven-parent to get early notifications on known CVEs.
Attachments
Issue Links
- is blocked by
-
MPOM-210 Adding CVE Checks via OWASP
- Closed
- links to