Xray gathers its vulnerabilities information from external & internal sources, however, in some cases you may want to manually mark a specific artifact as vulnerable.
The above can be achieved by using the UI / REST API to create a 'Custom Issue Event.'
Once a custom issue is applied to a component, you may apply any policy and automatic action to it, for example: generate violation, block download, etc.