Security Vulnerability Reporting

This release provides the following enhancement to Code Insight’s reporting of security vulnerabilities found in open-source or third-party components.

•

Support for Identifying Known Exploited Vulnerabilities in Security Vulnerabilities Window

The Security Vulnerabilities window, which is displayed when you click the Vulnerabilities bar graph for a specific component or inventory item, has been enhanced by adding a new property named Is KEV. This new property indicates whether a security vulnerability, listed in the Security Vulnerabilities window, is already included in the Known Exploited Vulnerability (KEV) Catalog. The available values indicated by the Is KEV property are Yes and No.

The following displays the Is KEV property value for all security vulnerabilities in the Security Vulnerabilities window: