Vulnerable imported dependency
Reports vulnerabilities in Gradle and Maven dependencies imported into your project. A full list of Gradle and Maven dependencies is shown in the Project tool window under External Libraries.
Fixing the reported problems helps prevent your software from being compromised by an attacker.
To solve a problem, you can update to a version where the vulnerability is fixed (if available) or switch to a dependency that doesn't have the vulnerability.
The quick-fixes available may suggest updating to a safe version or visiting the Checkmarx website to learn more about a particular vulnerability.
Locating this inspection
- By ID
Can be used to locate inspection in e.g. Qodana configuration files, where you can quickly enable or disable it, or adjust its settings.
VulnerableLibrariesGlobal- Via Settings dialog
Path to the inspection settings via IntelliJ Platform IDE Settings dialog, when you need to adjust inspection settings directly from your IDE.
Vulnerability data provided by Checkmarx (c).
Availability
- By default bundled with
- Can be installed with plugin
Package Checker, 241.18072