Information Disclosure
Description

org.owasp/dependency-check is vulnerable to Information Disclosure. The nvdApiKey is not masked because it doesn't match the specified patterns. As a result, when debug mode is enabled (using mvn -X), the API key is logged in clear text. This exposes the NVD API…
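A log-scrubbing check for the leak described above, as an added example that is not code from the dependency-check project. It assumes the key appears in build output as a `(f) nvdApiKey = ...` debug line, a `-DnvdApiKey=...` argument, or an `<nvdApiKey>` element; the sample log and the key value in it are constructed.

```python
import re

# Constructed sample of `mvn -X` style output. The key value is a made-up
# placeholder, and the line layout is an assumption about the debug format.
SAMPLE_LOG = """\
[DEBUG] Configuring mojo org.owasp:dependency-check-maven:check
[DEBUG]   (f) format = HTML
[DEBUG]   (f) nvdApiKey = 00000000-1111-2222-3333-444444444444
[DEBUG]   (f) failBuildOnCVSS = 7.0
[INFO] Command line: mvn -X -DnvdApiKey=00000000-1111-2222-3333-444444444444 verify
[DEBUG] <nvdApiKey>${env.NVD_API_KEY}</nvdApiKey>
"""

# Match the parameter name followed by '=' (debug dump, -D argument) or '>'
# (XML element), then capture the value up to whitespace or the closing tag.
KEY_RE = re.compile(r"(nvdApiKey\s*(?:=|>)\s*)([^\s<]+)")


def redact(text):
    """Return (redacted_text, line_numbers) for clear-text nvdApiKey values."""
    findings = []
    out = []
    for lineno, line in enumerate(text.splitlines(), 1):
        def mask(match, lineno=lineno):
            value = match.group(2)
            # An unresolved ${...} reference is not a secret; leave it alone.
            if value.startswith("${"):
                return match.group(0)
            findings.append(lineno)
            return match.group(1) + "***"
        out.append(KEY_RE.sub(mask, line))
    return "\n".join(out), findings


if __name__ == "__main__":
    cleaned, hits = redact(SAMPLE_LOG)
    print(cleaned)
    # A non-zero exit lets a CI step fail when a key reached the log.
    raise SystemExit(1 if hits else 0)
```

Any key that this check finds in a stored or shared build log should be treated as exposed and rotated.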
