go-dep-parser icon indicating copy to clipboard operation
go-dep-parser copied to clipboard
verified publisher icon aquasecurity

Why is the scan for jar packages not including dependencies, such as those declared in pom.xml

Open logerror opened this issue 4 years ago • 3 comments

logerror avatar May 12 '21 02:05 logerror

it may like this image

logerror avatar May 12 '21 02:05 logerror

https://nvd.nist.gov/vuln/detail/CVE-2017-18349 image

logerror avatar May 12 '21 02:05 logerror

Why are dependencies not included like in other product implementations? like package-lock.json or Pipfile.lock

logerror avatar May 12 '21 02:05 logerror