Jeremy Long

@aikebah I blame you: https://github.com/jeremylong/DependencyCheck/pull/5978#discussion_r1385746530 **kidding** I don't have an oracle db handy to test with and I'm a bit time constrained atm.

@aikebah I'm good with only supporting Oracle 23c and above. We would likely just need to update the schema correct? alterntively, we could just wrap an isOracle check on the...

we do not have a check for MS SQL server yet - that would need to be added.

If credentails are present in the nexus server specified ODC will use basic auth. See https://github.com/jeremylong/DependencyCheck/blob/9257510b87bd847947be2a9987a235faf96e499c/core/src/main/java/org/owasp/dependencycheck/data/nexus/NexusSearch.java#L114 https://github.com/jeremylong/DependencyCheck/blob/9257510b87bd847947be2a9987a235faf96e499c/core/src/main/java/org/owasp/dependencycheck/data/nexus/NexusSearch.java#L211-L223

Please consider hosting the NVD content on a different host.

PRs are more than welcome.

we accept PRs...

We do not currently have a data source that provides the "language" for a given CPE.

This is a single CVE. This type of data is not generally available in the NVD data.

@ricardonostrum sorry for the extremely late reply to this. As Kevin indicated, this is not a sanitization library - rather an encoding library. To make the given output safe for...