Is your feature request related to a problem? Please describe.
When using the pip Analyzer, it is not clear in the failure report from which dependency a CVE comes using the Maven plugin. It only shows requirements.txt and the CVE with its score.
Currently:
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.owasp:dependency-check-maven:10.0.4:check (default) on project aqto-app:
One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '8.0':
requirements.txt: CVE-2024-9880(8.600000381469727)
See the dependency-check report for more details.
Describe the solution you'd like
Show the software identifiers in the failure report, so that it's clear from which dependency the CVE comes.
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.owasp:dependency-check-maven:10.0.4:check (default) on project aqto-app:
One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '8.0':
requirements.txt (pkg:pypi/[email protected]): CVE-2024-9880(8.600000381469727)
See the dependency-check report for more details.
Describe alternatives you've considered
N/A
Additional context
N/A
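The mapping the request asks for can be recovered from dependency-check's JSON report by joining each dependency's package identifiers to its failing CVEs. This is an added example, not code from the issue or from dependency-check itself; the report field names (`dependencies`, `fileName`, `packages[].id`, `vulnerabilities[].name`, `cvssv3.baseScore`, `cvssv2.score`) are assumptions about the report layout, and the sample report, its package URLs and the second CVE id are constructed placeholders.

```python
import json

# Constructed sample shaped like a dependency-check JSON report (field names
# are assumptions; package URLs and CVE-0000-0001 are placeholders).
SAMPLE_REPORT = json.dumps({
    "dependencies": [
        {"fileName": "requirements.txt",
         "packages": [{"id": "pkg:pypi/example-package@1.0.0"}],
         "vulnerabilities": [
             {"name": "CVE-2024-9880", "cvssv3": {"baseScore": 8.6}}]},
        {"fileName": "requirements.txt",
         "packages": [{"id": "pkg:pypi/other-package@2.3.1"}],
         "vulnerabilities": [
             {"name": "CVE-0000-0001", "cvssv2": {"score": 5.3}}]},
        {"fileName": "requirements.txt",
         "packages": [{"id": "pkg:pypi/clean-package@0.9"}]},
    ]
})


def cvss_score(vuln):
    """Highest CVSS score recorded on one vulnerability entry (0.0 if none)."""
    scores = [vuln.get("cvssv3", {}).get("baseScore"),
              vuln.get("cvssv2", {}).get("score")]
    return max((s for s in scores if s is not None), default=0.0)


def failing_lines(report_text, fail_threshold):
    """One line per dependency with a CVE at or above the threshold, in the
    'file (identifiers): CVE(score)' shape proposed in the request."""
    lines = []
    for dep in json.loads(report_text).get("dependencies", []):
        hits = [f"{v['name']}({cvss_score(v):.1f})"
                for v in dep.get("vulnerabilities", [])
                if cvss_score(v) >= fail_threshold]
        if not hits:
            continue  # clean dependency, or nothing above the threshold
        ids = ", ".join(p["id"] for p in dep.get("packages", []))
        label = f"{dep['fileName']} ({ids})" if ids else dep["fileName"]
        lines.append(f"{label}: {', '.join(hits)}")
    return lines


if __name__ == "__main__":
    for line in failing_lines(SAMPLE_REPORT, 8.0):
        print(line)
```

Formatting the score with one decimal also avoids the `8.600000381469727` float artifact seen in the current message.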