Replies: 2 comments
-
|
I was actually using Next.js 14.2.25 and it had a low risk finding associated to it, but it did not flag up when searching across all my project in the components view, so it lead me to believe the package didn't exist in any of my projects. But deeper analysis showed it did and was actually flagged already as a low finding in a project? Why does it not show in the components view? |
Beta Was this translation helpful? Give feedback.
-
|
In the Community version Components are attributes of findings. They are not separate entities. Which parser are you referring to? You need a scan report with the vulnerability for a parser that is able to extract the component information for the report. Do you have a sample to reproduce? |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi All, after todays Next.js CVE-2026-44578 annoucement, I noticed I had some Next(next) components that were not showing up in the Components feature. The lead me to believe the package was not being used in any repo we were scanning. Is this a known issue? Does this have wider impacts across Defect Dojo's visibility of components?
Beta Was this translation helpful? Give feedback.
All reactions