
Information Disclosure: Vulnerable Dependency Detected

Identifier: potential_cve

Scanner(s) Support

GraphQL Scanner, REST Scanner, WebApp Scanner, ASM Scanner

Description

Packages, libraries, and software components with known CVEs can expose applications to security risks ranging from data breaches to full system compromise.

How we test: We analyze all detected technology packages and software components and match them against a vulnerability database for known CVEs at HIGH severity or above. When no version information is available, the finding is informational.
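The matching rule described above, sketched as an added example (not the scanner's own code). The advisory records, package names, placeholder CVE ids, the `[introduced, fixed)` range format and the `INFO` label are all constructed assumptions.

```python
# Added illustration of the triage rule; every record below is constructed.
SEVERITY_RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}

# Constructed advisories: a version is affected when introduced <= version < fixed.
ADVISORIES = [
    {"id": "CVE-PLACEHOLDER-0001", "package": "examplelib", "severity": "CRITICAL",
     "introduced": "1.0.0", "fixed": "1.4.2"},
    {"id": "CVE-PLACEHOLDER-0002", "package": "examplelib", "severity": "MEDIUM",
     "introduced": "1.0.0", "fixed": "2.0.0"},
    {"id": "CVE-PLACEHOLDER-0003", "package": "demo-server", "severity": "HIGH",
     "introduced": "0", "fixed": "3.1.0"},
]


def parse_version(text):
    """Turn '1.4.10' into (1, 4, 10) so comparison is numeric, not lexical."""
    return tuple(int(part) for part in text.split("."))


def triage(components, advisories=ADVISORIES, threshold="HIGH"):
    """Return (package, advisory id, level) for each match at or above threshold."""
    findings = []
    floor = SEVERITY_RANK[threshold]
    for name, version in components:
        for adv in advisories:
            if adv["package"] != name or SEVERITY_RANK[adv["severity"]] < floor:
                continue  # other package, or below the severity threshold
            if version is None:
                # No version detected: the affected range cannot be confirmed,
                # so the match is reported as informational only.
                findings.append((name, adv["id"], "INFO"))
                continue
            low, high = parse_version(adv["introduced"]), parse_version(adv["fixed"])
            if low <= parse_version(version) < high:
                findings.append((name, adv["id"], adv["severity"]))
    return findings


if __name__ == "__main__":
    # Constructed detections: (package, version or None when undetected).
    detected = [("examplelib", "1.4.10"), ("examplelib", "1.4.1"), ("demo-server", None)]
    for finding in triage(detected):
        print(finding)
```

Version `1.4.10` is not flagged because it is past the fixed version `1.4.2` when compared numerically; a plain string comparison would get this wrong and report a false positive.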

Configuration

Example

Example configuration:

---
security_tests:
  potential_cve:
    skip: false

Reference

skip

Type: boolean

Skip the test if true.