Looking for more information about a specific vulnerability? The new Advisory Database Search is a quick way to find all advisories that match your search criteria.
The Bytesafe advisory database is continuously updated from multiple sources and whenever a new advisory is added, all your existing dependencies are checked for vulnerabilities. Optionally, based on your policy settings affected versions can automatically be put in quarantine by the Dependency Firewall.
The Advisory Database Search is the tool at hand if you want to:
- Find out more about a specific vulnerability (what versions are affected, are there any patched versions etc.)
- Know if a package has vulnerabilities
How to search for a vulnerability
Go to Advisory database in the main menu which by default shows the latest added advisories. To find a specific advisory, search for a package name or vulnerability identifier (CVE/CWE/GHSA).
Clicking on a specific advisory in the search result shows more information about the advisory such as vulnerable versions, patched versions, details on how the affected package versions are vulnerable and references.
The information helps you better understand the vulnerability and your path to remediation, for example if a patched version exists.