fed projects/components and newly raised CVEs #3962
Unanswered
gurucubano
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello,
My company is running DT v4.10.0 and we feed from time to time, let's say once a year, our Java projects to DT with a Maven plugin from our build processes. I have two question:
When new CVEs are raised for already fed components, do they show up as new vulnerabilities for the used Java components or are they only get "connected" with our projects in the moment of feeding?
If new CVEs get connected, is there some kind of notification scheme, for example they trigger a mail to the team?
Matthias
Beta Was this translation helpful? Give feedback.
All reactions