tomasbjerre / violations-lib

Java library for parsing report files from static code analysis.


Dependency Check plugin parser/support

spyhunter99 opened this issue · comments

The dependency check plugin(s) check your dependencies for known published security vulnerabilities via the Common Vulnerabilities and Exposures website.

It's available for Maven, Gradle, and many other build systems.
https://jeremylong.github.io/DependencyCheck/

For Maven users, the following should generate an XML file in the target folder:
mvn org.owasp:dependency-check-maven:7.4.1:check -Dformat=XML

The XML output is rather large to paste here, but if needed I can run it against some open-source repos.

Actually, it is supported with the SARIF format. And Jeremy Long has contributed to that parser in this library:
https://github.com/tomasbjerre/violations-lib/commits?author=jeremylong

I am updating the documentation about this.

Open the issue again if there are any other issues!
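As an added example (not code from the original thread or from the violations-lib project), here is how the SARIF route described above fits together end to end: run Dependency-Check with its SARIF output instead of XML, then read that report through violations-lib's SARIF parser and fail the build on ERROR-severity findings. It assumes that `mvn org.owasp:dependency-check-maven:7.4.1:check -Dformat=SARIF` has already been run and wrote `target/dependency-check-report.sarif` (the file name is an assumption about the plugin's default); the class name `DependencyCheckGate`, the folder argument and the regex pattern are the example's own choices, and the fluent `violationsApi()` calls are the public entry points documented in the library's README.

```java
import static se.bjurr.violations.lib.ViolationsApi.violationsApi;
import static se.bjurr.violations.lib.reports.Parser.SARIF;

import java.util.Collection;
import se.bjurr.violations.lib.model.SEVERITY;
import se.bjurr.violations.lib.model.Violation;

/**
 * Added example, not part of violations-lib or of the Dependency-Check project.
 *
 * Precondition (assumption): the SARIF report already exists, e.g. produced by
 *   mvn org.owasp:dependency-check-maven:7.4.1:check -Dformat=SARIF
 * which is assumed to write target/dependency-check-report.sarif.
 */
public class DependencyCheckGate {

  /** Regex on the full report path; the file name is an assumed Dependency-Check default. */
  static final String REPORT_PATTERN = ".*dependency-check-report\\.sarif$";

  /** Parse every matching SARIF report under {@code folder} with the library's SARIF parser. */
  public static Collection<Violation> load(String folder, String pattern) {
    return violationsApi()
        .withPattern(pattern)
        .inFolder(folder)
        .findAll(SARIF)
        .violations();
  }

  /** Count findings that the parser mapped to the given severity (INFO, WARN or ERROR). */
  public static long countWithSeverity(Collection<Violation> violations, SEVERITY severity) {
    return violations.stream().filter(v -> v.getSeverity() == severity).count();
  }

  public static void main(String[] args) {
    // Folder to scan; defaults to Maven's build directory.
    String folder = args.length > 0 ? args[0] : "target";

    Collection<Violation> found = load(folder, REPORT_PATTERN);

    // One line per finding: severity, rule (the CVE id in Dependency-Check's SARIF),
    // the artifact it was reported against, and the message text.
    for (Violation v : found) {
      System.out.printf(
          "%-5s %s %s:%d %s%n",
          v.getSeverity(), v.getRule(), v.getFile(), v.getStartLine(), v.getMessage());
    }

    long errors = countWithSeverity(found, SEVERITY.ERROR);
    System.out.println(found.size() + " finding(s), " + errors + " at ERROR");

    // Gate: a non-zero exit status fails the CI step when any ERROR-level finding exists.
    if (errors > 0) {
      System.exit(1);
    }
  }
}
```

Run it from the Maven project root after the Dependency-Check step, with violations-lib on the classpath (`java -cp ... DependencyCheckGate target`). Tightening the gate to WARN as well is a one-line change to `countWithSeverity`; what counts as WARN versus ERROR is decided by the SARIF parser's mapping of the report's `level` values, so inspect the printed severities once against the raw report before relying on the threshold.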