Owasp Dependency-check — known CVE vulnerabilities
Every CVE whose affected-product data names Owasp Dependency-check, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2018-12036 — CVSS 7.8 (high): OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal…
CVE-2024-23686 — CVSS 5.3 (medium): DependencyCheck for Maven 9.0.0 to 9.0.6, for CLI version 9.0.0 to 9.0.5, and for Ant versions 9.0.0 to 9.0.5, when used in debug mode…