Additional vulnerability data added to our web app

Packages added to Cloudsmith are scanned for vulnerabilities and malware, and passed through our policy engine. When we identify vulnerable packages, we produce and collate a range of descriptive data to help explain those vulnerabilities. Previously, that data was only available in our legacy web app, and more recently via our API. We've now brought more of this descriptive vulnerability data into the new web app.

Vulnerability dropdown
Expanding vulnerability information in the new web app

When you see a vulnerability listed, you can expand the row to show descriptive information. You'll also see links out to sources of information; such as NVD. We've also made minor improvements to vulnerability listings; these are now sorted by severity.

Vulnerabilities sorted by severity
Vulnerabilities sorted by severity
Keep up to date with our monthly product bulletin