Veracode SCA Remediation Guidance
These guidelines can help you lower your application risk in Veracode Software Composition Analysis.
Download the latest version, or least-vulnerable version of the component.note
The latest version of the component is not always the least vulnerable.
Replace the vulnerable component with a different component with similar functionality.
Use environmental controls to suppress application risk. If you are using the vulnerable portion of the component, try a workaround.
Mitigate the functionality of the vulnerability or license in the component.
Build your own secure component.