OWASP Dependency Check to test vulnerabilities of external dependencies

According to Gartner, 80% of an application’s code is provided by dependencies. However, the vulnerabilities of these dependencies are rarely monitored.

OWASP’s Dependency Check tool (https://www.owasp.org/index.php/OWASP_Dependency_Check) can automatically list and check whether an application dependency has a vulnerability.

To do this, this tool uses the NIST National Vulnerability Database (NVD) website. This database publishes vulnerabilities in the form of CVEs (Common…