Hi @aristo_4359,
This will happen from time to time and there's no great solution to fixing it.
The underlying issue is simple actually; the source data is incorrectly coded, and systems like PGVD that rely on that will display incorrect results.
Since sources routinely update data (and they may fix this... if you ask), PGVD will also update the ingested data. So it becomes quite complicated to try to "override" incorrect data, even though it's so obvious from reading the description and looking at it.
Without getting into too many details, here is how they encoded this at the source:
"database_specific": {
  "last_known_affected_version_range": "< 0.19.3"
}
Compare this to another vulnerability at the same source, and you will see this is the correct encoding:
{
  "last_affected": "2.0.13"
}
Given how infrequently this happens, and the fact that it's an old, low-risk vulnerability (we would rate this as a "2 out of 5" on our upcoming scale FYI), we don't think it's worth worrying about.
Thanks,
Alana
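
An added example, not part of the reply above and not PGVD's own code: one way a consumer could flag records encoded like the first snippet, where the upper bound sits only in `database_specific`. It assumes the records follow the OSV-style layout (`affected[].ranges[].events`); the record ids, package names and surrounding fields are constructed.

```python
import json

# Constructed sample records. Only the two quoted fields come from the post;
# the ids, package names and surrounding layout are assumptions.
SAMPLE = json.loads("""
[
  {"id": "EXAMPLE-0001",
   "affected": [{
     "package": {"name": "pkg-a"},
     "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}]}],
     "database_specific": {"last_known_affected_version_range": "< 0.19.3"}
   }]},
  {"id": "EXAMPLE-0002",
   "affected": [{
     "package": {"name": "pkg-b"},
     "ranges": [{"type": "ECOSYSTEM",
                 "events": [{"introduced": "0"}, {"last_affected": "2.0.13"}]}]
   }]}
]
""")

# Event keys that close a range in the assumed OSV-style schema.
UPPER_BOUND_KEYS = {"fixed", "last_affected", "limit"}

def unbounded_ranges(record):
    """Flag ranges with no upper-bound event while the entry's
    database_specific block carries a version-range hint."""
    findings = []
    for entry in record.get("affected", []):
        hint = entry.get("database_specific", {}).get(
            "last_known_affected_version_range")
        for rng in entry.get("ranges", []):
            keys = {k for ev in rng.get("events", []) for k in ev}
            if hint and not keys & UPPER_BOUND_KEYS:
                findings.append({"id": record.get("id"),
                                 "package": entry.get("package", {}).get("name"),
                                 "hint": hint})
    return findings

def audit(records):
    """Collect findings across all records for manual review."""
    return [f for r in records for f in unbounded_ranges(r)]

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f"{f['id']} {f['package']}: open-ended range, hint says {f['hint']}")
```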