Karl Heinz Marbaise created MNG-6487:
----------------------------------------
Summary: Adding CVE Checks via OWASP
Key: MNG-6487
URL: https://issues.apache.org/jira/browse/MNG-6487
Project: Maven
Issue Type: Improvement
Reporter: Karl Heinz Marbaise
{{mvn compile org.sonatype.ossindex.maven:ossindex-maven-plugin:audit}}
Result on all modules is a CVSS-score threshold: 0.0
In contrast: IIRC the owasp dependency plugin gave several false positives.
We should consider to add this to the maven-parent to get early notifications
on known CVEs.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
