Security Vulnerabilities

This release provides the following enhancements to Code Insight’s reporting of the security vulnerabilities found in open-source or third-party components:

•

Web UI Support for Unsuppressing Vulnerabilities

•

Vulnerability Dates in the Web UI

Web UI Support for Unsuppressing Vulnerabilities

Previously, securities vulnerabilities could be unsuppressed through the Code Insight REST interface only.

The System Administrator can now use the Web UI to unsuppress a security vulnerability for one, some, or all of the component versions for which it was previously suppressed. This operation is initiated by clicking the new Unsuppress button for a vulnerability listed on the Suppressed Vulnerabilities view (accessed from the Data Library option on the Code Insight system menu).

The new Unsuppress a Vulnerability window opens, enabling you to complete the unsuppression operation:

For More Information About This Feature

For more information about the Vulnerability Suppression feature, refer to “Suppressing/Unsuppressing Security Vulnerabilities” in the Code Insight User Guide.

Vulnerability Dates in the Web UI

The Security Vulnerabilities dialog now shows the dates of original publication and last revision for security vulnerabilities, as captured from the vulnerability source (NVD, Secunia, or another advisory). In the previous release, these dates were available only through the REST interface.

Security Vulnerabilities

Code Insight 2021 R4 Release Notes

November 2021