Skip to main content

Managing issues in agent-based scans

Issues are the essential components of Veracode Software Composition Analysis agent-based scanning. They allow you to track and take action on vulnerabilities, out-of-date libraries, and software licensing concerns for open-source libraries in a specific software project.

Issues are unique to a specific project as well as the library and corresponding version.

If a library is updated to a different version that also includes the same vulnerability, Veracode SCA creates a new issue that references the new version. The new issue automatically replaces the old issue because the older version is no longer in use.