Detect and alert common vulnerabilities and exposures (CVE) in 3rd-party dependencies

Using 3rd-party libraries makes developer’s lives so much easier but can turn them into a nightmare when they are unmanaged and we don’t have a good understanding what is being used in a project or even a larger organization.

A few months ago we have seen quite a few popular frameworks widely used in many software products being hit by severe CVE (common vulnerabilities and exposures).