Determine whether a MavenCentral component is "dangerous"
MavenCentral contains many artifacts. Some of them should not be used because they have serious bugs, such as security risks.
I know that Nexus Firewall offers a costly service to analyze these artifacts. Are there other methods that offer (at least slight) protection against such vulnerabilities?
+3
Jf meier
1 answer
OWASP Dependency-Check checks dependencies for publicly available vulnerabilities and is free.
+4
henry
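One way to wire the tool named in the answer into a Maven build, as an added example that is not part of the original question or answer. The version property, the CVSS threshold of 7 and the suppression file name are assumptions to adapt to the project.

```xml
<!-- Added example: place inside <build><plugins> of the project's pom.xml -->
<plugin>
  <groupId>org.owasp</groupId>
  <artifactId>dependency-check-maven</artifactId>
  <!-- Placeholder property (assumption): define it under <properties>
       and set it to a current release of the plugin -->
  <version>${dependency-check.version}</version>
  <configuration>
    <!-- Fail the build when any dependency carries a known vulnerability
         with a CVSS score of 7.0 or higher (assumed threshold) -->
    <failBuildOnCVSS>7</failBuildOnCVSS>
    <!-- HTML for human review, JSON for CI tooling -->
    <formats>
      <format>HTML</format>
      <format>JSON</format>
    </formats>
    <!-- Hypothetical file name: holds reviewed false positives so they
         do not break the build; create the file or remove this element -->
    <suppressionFiles>
      <suppressionFile>dependency-check-suppressions.xml</suppressionFile>
    </suppressionFiles>
  </configuration>
  <executions>
    <execution>
      <!-- Run the scan as part of every "mvn verify" -->
      <phase>verify</phase>
      <goals>
        <goal>check</goal>
      </goals>
    </execution>
  </executions>
</plugin>
```

Running `mvn verify` then scans the resolved dependencies, including transitive ones, and writes the reports to the `target` directory. The first run downloads the vulnerability data and takes noticeably longer than later runs.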