Hello everyone, I am trying to find out what CVE issues there are with axis2. I am using the owasp maven plugin. With the appropriate plugin section added to the pom I get a build error:
[INFO] --------------------< org.apache.axis2:axis2-jibx >--------------------- [INFO] Building Apache Axis2 - JiBX Data Binding 1.8.0-SNAPSHOT [29/85] [INFO] --------------------------------[ jar ]--------------------------------- [INFO] [INFO] --- dependency-check-maven:5.2.4:check (default-cli) @ axis2-jibx --- [ERROR] Unable to resolve system scoped dependency: com.sun:tools:jar:1.8.0:system It looks like there is a dependency on com.sun.tools. This is shown by the maven dependency analyser which reports: INFO [m] +- org.apache.ant:ant:jar:1.10.9:test INFO [m] | +- org.apache.ant:ant-launcher:jar:1.10.9:test INFO [m] | \- com.sun:tools:jar:1.8.0:system Can anyone shed any light on this error please? -- Regards, Andrew Marlow http://www.andrewpetermarlow.co.uk
