Xray 3.66.6

Xray Release Information

JFrog Xray

Released: January 31, 2023


JFrog Advanced Security Scan Existing Artifacts (Cloud-only)

You can now run Contextual Analysis and perform Exposures Scan on an existing artifact from the Scans List page. This feature is also supported through the REST API.

Feature Enhancements

Exposures Additional Scanners (Cloud-only)

The Services category in Exposures has been expanded with 7 new scanners for NGINX configuration issues.

Jira Integration Enhancement

Enhanced the Jira ticket creation to have one Jira ticket for all the information regarding all affected components instead of creating a Jira ticket for each component.

UI Improvements

UI improvements in Scans List to the Vulnerabilities and Exposures categories screens, such as: 

  • Vulnerabilities screen:

    • Modified default displayed columns

    • Modified column order

    • Added sorting options by different columns 

    • Modified the default sorting adding a secondary sort key by applicability result

    • Clarified the Contextual Analysis results

  • Exposures categories screens:

    • The screen is now split into two tabs; To Fix and Checked OK.  

    • Issues that were checked and found OK are moved to the Checked OK tab.  

  • Navigation bar:

  • Added info tooltip explaining each of the Security Issues screens

Resolved Issues




Fixed an issue whereby, the Xray ID was not displayed in the violation details (right pane) on the Scans List page.



Fixed an issue whereby, navigating to components containing '/' in their name from the Xray Data tab pages, could lead to a 404 error.


Jira integration now supports creating Jira tickets for generic packages.


Fixed an issue whereby, on the Scans List page, in the Builds tab, when entering a build that doesn't exist in Artifactory, a 500 error was issued. Builds that were deleted from Artifactory will now be omitted from the Scan lists Builds tab. Builds that were deleted and weren't omitted will not result in this error.