-
CVE Allowlist
CVE Allowlist
A CVE Allowlist is used to ignore specific vulnerabilities that are known but accepted temporarily.
Sometimes vulnerabilities cannot be fixed immediately because: * No patch is available * The vulnerability is not exploitable in your environment * It does not affect the application functionality
In these cases, administrators can add the vulnerability to the CVE Allowlist. This allows certain vulnerabilities to be ignored for this project.
You have two options: * System allowlist Uses the global allowlist defined by Satama administrators * Project allowlist uses defined custom CVEs specific to this project.
You can click ADD to add CVE IDs manually. Click COPY FROM SYSTEM to copy global allowlist entries and set expiration date or choose "Never expires".