Contexts for the Vulnerabilities Bar Graph
The Security Vulnerabilities window is opened by clicking the Vulnerabilities bar graph displayed within the context of the following entities in Code Insight.
| • | An Inventory Item Currently in Focus in the “Analysis Workbench” or on the “Project Inventory” Tab |
| • | An Inventory Item Listed in the “Inventory” View |
| • | A Component Version in “Lookup Component” Results |
| • | A Component Version in “Global Component & License Lookup” Results |
Note:The bar graph is displayed only if entity is associated with one or more security vulnerabilities.
An Inventory Item Currently in Focus in the “Analysis Workbench” or on the “Project Inventory” Tab
If the specific inventory item currently in focus on the Inventory Details pane/tab in the Analysis Workbench or Project Inventory tab has associated security vulnerabilities, a bar graph is visible showing the vulnerability counts for that item within the context of the current project.
Note:These counts exclude any vulnerabilities that were suppressed for the given component version either globally or for the current project only.
An Inventory Item Listed in the “Inventory” View
If a specific inventory item listed on the Inventory view has associated security vulnerabilities, a bar graph is visible in that item’s row, showing the vulnerability counts for the item within the context of its listed project.
Note:These counts exclude any vulnerabilities suppressed for the given component version globally or at the project level (for the project listed).
A Component Version in “Lookup Component” Results
If a component version listed in Lookup Component window (accessed when creating or editing a component-based inventory item in the Analysis Workbench or in Project Inventory tab) has associated security vulnerabilities, a bar graph is visible showing the vulnerability counts for that version as stored at the system (global) level in the Code Insight Data Library.
Note:These counts exclude any vulnerabilities that were suppressed globally for the given component version. Additionally, while the counts for a component version are generally the same as the vulnerability counts for an inventory item associated with the component version, the inventory item counts can be fewer if vulnerabilities were suppressed for the item at the project level.
A Component Version in “Global Component & License Lookup” Results
If a component version listed on the Versions dialog (accessed for a specific component on the Global Component & License Lookup window) has associated security vulnerabilities, a bar graph is visible showing the vulnerability counts for that version as stored at the system (global) level in the Code Insight Data Library.
Note:These counts exclude any vulnerabilities that were suppressed globally for the given component version. Additionally, while the counts for a component version are generally the same as the vulnerability counts for an inventory item associated with the component version, the inventory item counts can be fewer if vulnerabilities were suppressed for the item at the project level.