You can access the CVE data in the Xray Data tab in Artifactory and in the Watch Violations page under Security and Compliance.
JFrog research enriched CVEs are indicated by an icon in the list.
Once you click on the CVE, the CVE details are displayed in the right panel. The JFrog research enriched CVE will include the following additional details:
JFrog Research Severity
The severity given by the JFrog security research team after the manual analysis by the team.
Displays fixed versions for the issue if any, or recommendations such as upgrading and mitigations.
A summary of the issue in the CVE based on JFrog's security analysis .
A detailed description of the issue that provides more insights on the vulnerability, based on JFrog's security analysis.
JFrog Research Severity Reasons
The reasons behind the JFrog research severity.