Does SonarCloud detect OWASP vulnerabilities in transitive dependencies in a Java project

Does SonarCloud detect OWASP vulnerabilities in transitive dependencies in a Java project?

Hi,

We do static analysis of your source code. What you’re looking for is Software Composition Analysis (SCA).

 
HTH,
Ann

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.