Anton_Ceto

Hello, I am using the "org.owasp.dependencycheck" gradle plugin, version "7.1.0.1" and I am getting the same issue but for different (transitive) dependencies: ``` Failed to fetch component-report for: pkg:maven/xerces/[email protected] java.lang.NullPointerException...

@davejbur I have tried to perform a post to that link (https://ossindex.sonatype.org/api/v3/component-report) using this body (as highlighted in a comment above) ``` { "coordinates": [ "pkg:maven/xerces/[email protected]" ] } ``` and...

So I don't know if these are actual CVE vulnerabilities or not... I am asking because it is breaking some builds

Ok thanks. In my case the build gets broken because of vulnerabilities raised by the oss index

In gradle, I have done something like this and it works: ``` dependencyCheck { analyzers.ossIndexEnabled = false } ``` I am using the plugin 7.1.0.1 for the dependency check. However...

Thank you, i have run the build with gradle and I am not seeing the null pointer exc anymore. I see that there are some vulnerabilities that should be solved...