epugh opened a new pull request, #191: URL: https://github.com/apache/solr-site/pull/191
Turns out there are dependencies that have CVE's that are exploitable in Solr according to the VEX standard, that don't have a Solr specific CVE, or show up in that listing. This changes the table to showing all VEX entries, regardless of state (exploitable or not), and displays that information as a label: <img width="995" height="695" alt="image" src="https://github.com/user-attachments/assets/b8e64df6-f01e-440a-97ca-4bc620d3e4f6"; /> Notice the first two items, they are issues with OpenNLP in Solr 9 branch that I am creating new vex entries for and will open a seperate PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
