Vulnerable imported dependency
Reports vulnerabilities in Gradle and Maven dependencies imported into your project. A full list of Gradle and Maven dependencies is shown in the Project tool window under External Libraries.
Fixing the reported problems helps prevent your software from being compromised by an attacker.
To solve a problem, you can update to a version where the vulnerability is fixed (if available) or switch to a dependency that doesn't have the vulnerability.
The quick-fixes available may suggest updating to a safe version or visiting the website to learn more about a particular vulnerability.
Locating this inspection
- By ID
Can be used to locate inspection in e.g. Qodana configuration files, where you can quickly enable or disable it, or adjust its settings.
VulnerableLibrariesGlobal- Via Settings dialog
Path to the inspection settings via IntelliJ Platform IDE Settings dialog, when you need to adjust inspection settings directly from your IDE.
Suppressing Inspection
You can suppress this inspection by placing the following comment marker before the code fragment where you no longer want messages from this inspection to appear:
More detailed instructions as well as other ways and options that you have can be found in the product documentation:
Inspection Details | |
|---|---|
By default bundled with: |