github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-24 01:51:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Docs: Added Ruby and Node.js to landing page. Added table row for Node.js in Analyzers list.

Browse Source
This commit is contained in:
Dale Visser
2015-08-26 12:27:38 -04:00
parent acd4b4371d
commit 61ac81518a
2 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/site/markdown/index.md
View File

@@ -2,11 +2,11 @@ About
====================
OWASP dependency-check is an open source solution the OWASP Top 10 2013 entry:
[A9 - Using Components with Known Vulnerabilities](https://www.owasp.org/index.php/Top_10_2013-A9-Using_Components_with_Known_Vulnerabilities).
Dependency-check can currently be used to scan Java, .NET, and Python
applications (and their dependent libraries) to identify known vulnerable
components. In addition, Dependency-check can be used to scan some source
code, including OpenSSL source code and source code for projects that use
Autoconf.
Dependency-check can currently be used to scan Java, .NET, Python, Ruby and
Node.js applications (and their dependent libraries) to identify known
vulnerable components. In addition, Dependency-check can be used to scan some
source code, including OpenSSL source code and source code for projects that
use Autoconf.
The problem with using known vulnerable components was covered in a paper by
Jeff Williams and Arshan Dabirsiaghi titled, "[The Unfortunate Reality of