My first post about this open source OWASP project was about an older version. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. This is the OWASP Dependency-Check 2.1.1! This release contains a few known threading issues that can affect the Jenkins implementation; these have not been fixed in this Read more about UPDATE: OWASP Dependency-Check 2.1.1!
UPDATE: OWASP Dependency-Check 2.1.0!
My first post about this open source OWASP project was about an older version. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. This is the OWASP Dependency-Check 2.1.0! What I like about this release is that the patch-level verification for Ruby Bundler has been proven conclusive and is now fully Read more about UPDATE: OWASP Dependency-Check 2.1.0!
UPDATE: OWASP Dependency-Check 2.0.1!
My first post about this OWASP project can be found here. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. This is the OWASP Dependency-Check 2.0.1! Read more about UPDATE: OWASP Dependency-Check 2.0.1!
UPDATE: OWASP Dependency-Check 2.0.0!
My old post about the OWASP Dependency-Check project can be found here. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. Read more about UPDATE: OWASP Dependency-Check 2.0.0!
OWASP Dependency-Check: The Vulnerable Library Detector!
At work, I wanted to check if there were any vulnerabilities in the JAVA libraries that were being used. This is when I remembered of an old project - OWASP Dependency-Check. I was pleasantly surprised to see that it was still being updated and maintained by Jeremy Long. It really did work for me and I ended up updating the few libraries that were being used in my project! Read more about OWASP Dependency-Check: The Vulnerable Library Detector!