koelnerwasser.de
Description: Java, .Net and other parts of my life
Sometimes its useful to quick check if multiple maven projects which are located in a subfolder are using vulnerable 3th party libraries:
- folderToScan -- project1 --- pom.xml -- project2 --- pom.xml ... If you don’t want to touch each of the pom.xml or integrating all the projects into a buildchain, this could be done by calling all pom.xml, downloading all referenced jars to the project folders and scanning against nvd cve database using the owasp dependency checker . From “folderToScan” call:
Another Post because I need this code snippet sometimes and don’t want to search the whole internet every time. The following code snippet opens the Manifest file an reads the Implementation properties:
koelnerwasser.de