Dependencies with vulnerabilities

Martini runs on top of a large collection of libraries. TORO regularly monitors these libraries for known vulnerabilities using the OWASP dependency-check tool. As soon as a patch is released for a vulnerability that exceeds a CVSS score of 6.9 (or in other words, classified as High or Critical), TORO releases an update.