OWASP Dependency Check
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in OWASP Dependency Check.
By the Year
In 2026 there have been 0 vulnerabilities in OWASP Dependency Check. Dependency Check did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 5.30 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 1 | 7.80 |
It may take a day or so for new Dependency Check vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent OWASP Dependency Check Security Vulnerabilities
DependencyCheck 9.0.0-9.0.6 Log Leak: NVD API Key via Debug Mode
CVE-2024-23686
5.3 - Medium
- January 19, 2024
DependencyCheck for Maven 9.0.0 to 9.0.6, for CLI version 9.0.0 to 9.0.5, and for Ant versions 9.0.0 to 9.0.5, when used in debug mode, allows an attacker to recover the NVD API Key from a log file.
Insertion of Sensitive Information into Log File
OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive
CVE-2018-12036
7.8 - High
- June 07, 2018
OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames.
Write-what-where Condition
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for OWASP Dependency Check or by OWASP? Click the Watch button to subscribe.
