Comment: Last check 2017-02-16

...

Since OFBiz uses Gradle, all dependent libraries (i.e. also the dependencies of the libraries OFBiz uses, recursively) are loaded by Gradle and analysed by the OWASP Dependency Check plugin. So it's materially impossible to check all the possible vulnerabilities. I decided to only check the higher ones; currently (2017-02-16) we have only already known ones:

As you can check in the main build.gradle, those 2 libs are not directly used by OFBiz but by libs used by plugins (like Birt).

The other HIGHEST are only dependencies of dependencies. In both cases it's impossible to do otherwise anyway (though we should upgrade Birt...).

Trunk reports

Here is the last report file for the trunk

...