This question is triggered by issue #7164
The failure to execute the dependency-check with version 11.X is caused by dates not accepted by the NIST API.
Traces of an execution without issue:
[DEBUG] requesting URI: https://services.nvd.nist.gov/rest/json/cves/2.0?resultsPerPage=2000&startIndex=0
Traces of an execution ending up in failure "NVD Returned Status Code: 404 - Invalid ISO 8601 date/time format, see documentation."
[DEBUG] requesting URI: https://services.nvd.nist.gov/rest/json/cves/2.0?lastModStartDate=2024-11-24T01%3A04%3A56-05&lastModEndDate=2025-03-24T01%3A04%3A56-05&resultsPerPage=2000&startIndex=0
The dates, although seemingly valid, are triggering the issue - possibly due to an implementation issue on the NIST side.
Both executions are for the same pom.xml:
<plugin>
    <groupId>org.owasp</groupId>
    <artifactId>dependency-check-maven</artifactId>
    <version>11.0.0</version>
    <configuration>
        <failBuildOnCVSS>0</failBuildOnCVSS>
        <skipProvidedScope>true</skipProvidedScope>
        <skipTestScope>true</skipTestScope>
        <failOnError>true</failOnError>
        <suppressionFile>src/owasp.suppression.xml</suppressionFile>
        <nvdApiKey>********-****-****-****-************</nvdApiKey>
    </configuration>
    <executions>
        <execution>
            <goals>
                <goal>check</goal>
            </goals>
        </execution>
    </executions>
</plugin>
In both cases, the arguments resultsPerPage=2000&startIndex=0 should be enough, no need for dates.
Is there a way to configure the client not to use dates when calling the NIST API?
Or is there a reason to use dates on the system facing the issue?
Thanks
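
A triage helper for comparing the two traces above, as an added example that is not part of the original post or of dependency-check: it pulls the `lastMod*` parameters out of `requesting URI` debug lines, percent-decodes them, and reports the form of each UTC offset and the length of the date window. The function names are hypothetical; the two checks are chosen because the NVD API documentation specifies extended ISO 8601 timestamps and a 120-day limit on date ranges, and the page does not confirm which of these, if either, causes the 404.

```python
import re
from datetime import datetime
from urllib.parse import urlsplit, unquote

# Constructed sample: the two DEBUG lines quoted in the post.
TRACE = """\
[DEBUG] requesting URI: https://services.nvd.nist.gov/rest/json/cves/2.0?resultsPerPage=2000&startIndex=0
[DEBUG] requesting URI: https://services.nvd.nist.gov/rest/json/cves/2.0?lastModStartDate=2024-11-24T01%3A04%3A56-05&lastModEndDate=2025-03-24T01%3A04%3A56-05&resultsPerPage=2000&startIndex=0
"""

URI_RE = re.compile(r"requesting URI:\s*(\S+)")
# date "T" time, optional fraction, optional offset: Z, +hh, +hhmm or +hh:mm
STAMP_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})(?:\.\d+)?(Z|[+-]\d{2}(?::?\d{2})?)?$")
OFFSET_FORMS = {3: "hour-only", 5: "hhmm", 6: "hh:mm"}

def to_datetime(local, offset):
    """Build an aware datetime; a missing offset is treated as UTC (assumption)."""
    if offset in (None, "Z"):
        offset = "+00:00"
    digits = offset[1:].replace(":", "")
    return datetime.fromisoformat(f"{local}{offset[0]}{digits[:2]}:{digits[2:] or '00'}")

def inspect_uri(uri):
    """Report offset form per lastMod* parameter and the window length in days."""
    pairs = (p.partition("=") for p in urlsplit(uri).query.split("&") if p)
    params = {k: unquote(v) for k, _, v in pairs}  # unquote keeps a literal "+"
    report, parsed = {"dates": {}, "span_days": None}, []
    for name in ("lastModStartDate", "lastModEndDate"):
        if name not in params:
            continue
        m = STAMP_RE.match(params[name])
        if not m:
            report["dates"][name] = {"value": params[name], "offset": "unparsed"}
            continue
        local, off = m.groups()
        form = "Z" if off == "Z" else OFFSET_FORMS[len(off)] if off else "none"
        report["dates"][name] = {"value": params[name], "offset": form}
        parsed.append(to_datetime(local, off))
    if len(parsed) == 2:
        report["span_days"] = (parsed[1] - parsed[0]).total_seconds() / 86400
    return report

def inspect_trace(text):
    return [inspect_uri(u) for u in URI_RE.findall(text)]

if __name__ == "__main__":
    for r in inspect_trace(TRACE):
        print(r)
```

On the trace from the post, the failing request carries hour-only offsets (`-05`) and a window of exactly 120 days, while the working request carries no date parameters at all.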