maven-compiler-plugin 3.13.0 — Open Ingredients

Open Ingredients

maven-compiler-plugin3.13.0

Classifier: LIBRARYSource

Security state

Critical 0High 0Medium 0Low 0Unassigned 0

Vulnerable components0

Inherited Risk Score0.0

Last BOM importMar 1, 2026, 12:22 AM

Last vulnerability analysisMay 8, 2026, 2:15 PM

Draft

What this plugin is

The Maven Compiler Plugin is the standard plugin Maven uses to compile Java sources. It wires the JDK compiler into the Maven lifecycle and exposes the options every Java team relies on — target Java release, annotation processors, module path handling, and incremental compilation.

Why it matters

Every Maven-built Java artifact passes through this plugin. A defect or regression here changes the bytecode that ships to production for thousands of downstream projects on the same day a new release is published.

Open Elements' role

Open Elements contributes to the Maven Compiler Plugin through the Support & Care programme — security response, releases, and maintenance — and tracks its security posture publicly through Open Ingredients.

Components

Outdated only

Component	Version	License	Status
maven-resolver-provider	3.6.3	Apache-2.0	outdated
maven-resolver-spi	1.4.1	Apache-2.0	outdated
maven-resolver-util	1.4.1	Apache-2.0	outdated
maven-settings	3.6.3	Apache-2.0	outdated
maven-settings-builder	3.6.3	Apache-2.0	outdated
maven-shared-incremental	1.1	Apache-2.0
maven-shared-utils	3.4.2	Apache-2.0
org.eclipse.sisu.inject	0.9.0.M2	EPL-1.0	outdated
org.eclipse.sisu.plexus	0.9.0.M2	EPL-1.0	outdated
plexus-cipher	1.4	Apache-2.0	outdated
plexus-classworlds	2.6.0	Apache-2.0	outdated
plexus-compiler-api	2.15.0	Apache-2.0	outdated
plexus-compiler-javac	2.15.0	Apache-2.0	outdated
plexus-compiler-manager	2.15.0	Apache-2.0	outdated
plexus-component-annotations	2.1.0	Apache-2.0	outdated
plexus-interpolation	1.25	Apache-2.0	outdated
plexus-java	1.2.0	Apache-2.0	outdated
plexus-sec-dispatcher	1.4	Apache-2.0
plexus-utils	4.0.0	Apache-2.0	outdated
plexus-xml	3.0.0	Apache-2.0	outdated
qdox	2.0.3	Apache-2.0	outdated
slf4j-api	1.7.36	MIT	outdated

Findings

All Critical High Medium Low Unassigned

No findings match the current filter.

Download SBOM

Download SBOM (JSON)Download SBOM (XML)

CycloneDX 1.x. Re-generated server-side; no registration required.

Talk to Support & Care