Dependency Analysis
Apache Maven
Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.
100%
Freshness
700
Dependencies
0
Outdated
0
Stale
—
Avg Behind
Dependency List
Latest release maven-3.9.15
| Dependency | Type | Current | Latest | Behind | CVE | License |
|---|---|---|---|---|---|---|
|
log4j:log4j
maven
|
Direct | 1.2.17 | — | — | 6 critical | Apache-2.0 |
|
org.codehaus.plexus:plexus-utils
maven
|
Direct | 3.0.9 | — | — | 3 critical | Apache-2.0 |
|
org.codehaus.plexus:plexus-utils
maven
|
Direct | 3.0.24 | — | — | 1 high | Apache-2.0 |
|
junit:junit
maven
|
Direct | 4.12 | — | — | 1 medium | EPL-1.0 |
License Breakdown
Unknown
544
Apache-2.0
115
MIT
11
EPL-2.0
4
Apache-2.0 AND EPL-1.0 AND EPL-2.0
3
CPL-1.0
3
EPL-1.0
3
GPL-2.0-only WITH Classpath-exception-2.0
2
LicenseRef-scancode-unknown-license-reference AND EPL-2.0
2
Apache-1.1
1
Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND HTMLTIDY AND LicenseRef-scancode-public-domain AND MIT
1
Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND MIT
1
Apache-2.0 AND BSD-2-Clause AND EPL-2.0 AND LicenseRef-scancode-public-domain AND MIT
1
Apache-2.0 AND BSD-3-Clause AND MIT
1
Apache-2.0 AND MIT
1
BSD-3-Clause
1
CDDL-1.0
1
CDDL-1.0 OR GPL-2.0-only WITH Classpath-exception-2.0
1
EPL-2.0 AND LGPL-2.1 AND LGPL-2.1-only
1
EPL-2.0 OR (Apache-2.0 AND EPL-2.0)
1
LicenseRef-scancode-public-domain
1
CVE Severity
critical
2
high
1
medium
1
low
0
unknown
0