Fix example direct vulnerability for Maven

When your pom.xml configuration file specifically references a library, or you add the library to your project as a JAR file, Veracode SCA refers to the library as a direct dependency.

These example steps provide a fix for an Unauthorized Modification of Nodes vulnerability in Apache Kafka, version 0.9.0.1 in the example-java-maven repository.

To complete this task:

Edit the pom.xml file in the root of the project to match this example:

<dependency>
<groupId>org.apache.kafka</groupId>
<artifactId>kafka_2.11</artifactId>
<version>0.10.2.1</version>
</dependency>

Validate the fix.

Did you find this helpful?