Xray 3.65.2

Xray Release Information

JFrog Xray

Released: January 17, 2023


Generate Violations by Specific Vulnerabilities

You can now create a security policy with the ability to generate violations for specific vulnerabilities (CVEs). For more information, see Creating Xray Policies and Rules. This feature is also supported through REST APIs, as described in POLICIES-v2 and POLICIES-v1.Creating Xray Policies and Rules

Feature Enhancements

Jira Integration Enhancements

The Xray Jira Integration feature has been enhanced to support creating Jira tickets manually for any violation from Xray's UI. The feature also includes the following enhancements:

  • An icon is displayed next to all of the security violations as an indication that there is a Jira ticket attached to it. 

  • You can now access Jira tickets easily from Xray's UI.Enhanced the Jira ticket structure to include the following:

    • Operational Risk

    • Licenses violations

    • Security (Regular Vulnerability)

    • Security (High profile Vulnerability)

Resolved Issues




Fixed an issue whereby, the Xray ID was not displayed in the violation details (right pane) on the Scans List page.



Fixed an issue whereby, navigating to components containing '/' in their name from the Xray Data tab pages, could lead to a 404 error.


Jira integration now supports creating Jira tickets for generic packages.


Fixed an issue whereby, on the Scans List page, in the Builds tab, when entering a build that doesn't exist in Artifactory, a 500 error was issued. Builds that were deleted from Artifactory will now be omitted from the Scan lists Builds tab. Builds that were deleted and weren't omitted will not result in this error.