Help
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Copilot Lvl 3
Message 1 of 2

Security Alerts not for all vulnerabilities

Solved! Go to Solution.

We tried putting a few entries in pom.xml which have known vulnerabilities, but Github shows alerts for only a few of them.  For e.g. activemq-all(v5.7.0) and commons-collections(v3.2.2) have known vulnerability issues, but it doesn't give alerts for these jars.

 

Please advise if the alerts are for selective jars or it covers all CVE vulnerabilities.

1 Reply
Solution
Community Manager
Message 2 of 2

Re: Security Alerts not for all vulnerabilities

Hi @mshadab-adeptia,

 

Thanks for being a part of the GitHub Community Forum!

 

This topic has already been opened and is being discussed in another thread here: https://github.community/t5/How-to-use-Git-and-GitHub/Security-Alerts/td-p/26425. In an effort to keep the Community Forum organized and make it easier for other users to find information, we ask that users continue the conversation in existing threads, instead of opening new ones about the same topic. For this reason, I'll be closing this topic, and you can continue the conversation in the original thread, if you'd like. It's more likely you'll get engagement and answers to your own questions this way, too.

Thank you again for being here!

Thanks for being here, sharing, and keeping our community awesome!
Best,
AndreaG

Mark helpful posts with Accept as Solution to help other users locate important info. Don't forget to give Kudos for great content!