aqua-microscanner-plugin icon indicating copy to clipboard operation
aqua-microscanner-plugin copied to clipboard

Published 20 hours ago verified publisher icon jenkinsci

How to Acknowledge a Specific Vulnerability

Open Jared-Prime opened this issue 5 years ago • 1 comments

I want to acknowledge CVE-2018-15664 ( as it's presently a zero-day ) and only can continue the Jenkins build. What is the recommended way to do so? I haven't located the correct documentation describing the procedure.

Jared-Prime avatar Jun 03 '19 16:06 Jared-Prime

Hi Jared,

Thank you for your input. We support this functionality in our commercial product (Aqua CSP) - allowing our customers to acknowledge security issues so that they won't block the next scans. For the microscanner, you can try parsing the JSON/HTML result and exclude the CVE from the results.

Amit Bismut, Product manager @ Aqua

Tester24h avatar Jul 25 '19 15:07 Tester24h