Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependency track does not show vulnerabilities recommandations #2739

Closed
2 tasks done
chaourarimine opened this issue May 12, 2023 · 2 comments
Closed
2 tasks done

Dependency track does not show vulnerabilities recommandations #2739

chaourarimine opened this issue May 12, 2023 · 2 comments
Labels
duplicate This issue or pull request already exists

Comments

@chaourarimine
Copy link

Current Behavior

I scanned a docker image with Trivy and generated a CycloneDX containing all its vulnerabilities and the recommendations to fix them. The recommendations are not displayed when I upload the file to Dependency Track.
bom_vulnerability
dtrack_empty_recommendation

Steps to Reproduce

1.Upload this file containing all the vulnerabilities of an image and the recommendations to fix them(rename it to *.json).
report.txt

  1. Go to dependency track to see that all recommendations values are empty

Expected Behavior

I expect to see the recommendation for a vulnerability so I can fix it

Dependency-Track Version

4.8.0

Dependency-Track Distribution

Container Image

Database Server

PostgreSQL

Database Server Version

10.15

Browser

Google Chrome

Checklist
@chaourarimine chaourarimine added defect Something isn't working in triage labels May 12, 2023
@nscuro
Copy link
Member

nscuro commented May 12, 2023

Duplicate of #1677.

@nscuro nscuro closed this as not planned Won't fix, can't repro, duplicate, stale May 12, 2023
@nscuro nscuro added duplicate This issue or pull request already exists and removed defect Something isn't working in triage labels May 12, 2023
@github-actions
Copy link
Contributor

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 11, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
duplicate This issue or pull request already exists
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nscuro @chaourarimine