[OWASP-Security101] Getting a list of high risk CVE from my local Maven repositry
rjdkolb at gmail.com
Wed Nov 18 08:56:54 UTC 2015
I know there has been a lot of research on the Java libraries with common
vulnerabilities in Maven Central.
My company has a private Nexus repository where only manually selected are
My question is, can I get a list of dependencies in my company's Nexus that
are vulnerable to high risk common vulnerabilities.
Perhaps this can be done using the Nexus Maven repository index ?
When I have a list, we can manually delete the older libraries and reduce
the possible attack surface of our company. Invaluable !
More information about the Security101