Maven · net.sourceforge.pmd:pmd-designer • Maven · net.sourceforge.pmd:pmd-ui • Maven · net.sourceforge.pmd:pmd-core
PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext
Is your project exposed to this? Stateward checks every dependency on every pull request and flags it only if your code actually reaches it.
Check my repoSources: CISA KEV (public domain), OSV.dev & GitHub Advisory Database (CC-BY-4.0), FIRST EPSS, NVD/CWE (public domain). Served live from the Stateward advisory database.