The Davis Security Advisor is displayed in Third-Party Vulnerabilities above the vulnerability list on the Third-party vulnerabilities page. It recommends the fixes that would most improve the overall security of your environment.
Each recommendation contains
jackson-mapper-asl
)Solves 1 critical
)4 vulnerabilities total
).To calculate recommended fixes, Davis Security Advisor takes into consideration all third-party vulnerabilities that are currently open and not muted; resolved or muted vulnerabilities aren't taken into account. Fixes are tailored to your environment and ranked based on how much they improve the overall security of your environment.
DSA groups specific libraries that trigger vulnerabilities to simplify remediation efforts. When calculating the advice, Davis Security Advisor ignores the specific version of the library. All shown libraries contain known vulnerabilities and should be updated to the latest version.
Advice is ranked based on the severity of the third-party vulnerabilities. Advice regarding a critical vulnerability, for example, is ranked higher than advice for a high-severity vulnerability.
The severity of a vulnerability is calculated based on Davis Security Score, so you can focus on fixing vulnerabilities that are relevant in your environment, instead of on those that have only a theoretical impact.
To filter by recommended fixes, see Filter third-party vulnerabilities by recommended fixes with Davis Security Advisor.