View JFrog Research Enriched CVEs

JFrog Security Documentation

Products
JFrog Xray
Content Type
User Guide
ft:sourceType
Paligo

You can access the CVE data in Xray > Scans List

Enriched_CVEs_ScansList.png

JFrog research enriched CVEs are indicated by an icon in the list.

EnrichedCvesIcon.png

Once you click on the CVE, the CVE details are displayed in the right panel. The JFrog research enriched CVE will include the following additional details:

JFrog Research Severity

The severity given by the JFrog security research team after the manual analysis by the team.

Remediation

Displays fixed versions for the issue if any, or recommendations such as upgrading and mitigations.

image2021-9-29_17-16-28.png

Research Summary

A summary of the issue in the CVE based on JFrog's security analysis .

image2021-9-29_17-17-25.png

Research Details

A detailed description of the issue that provides more insights on the vulnerability, based on JFrog's security analysis.

image2021-9-29_17-18-45.png

JFrog Research Severity Reasons

The reasons behind the JFrog research severity.

image2021-9-29_17-19-39.png