SBOM / SCA Report → internet-banking-web / release candidate
Total Packages
148
High Risk
3
Medium Risk
9
Release Status
Hold
Key Findings
Package
Version
CVE
Severity
Status
log4j-core
2.14.1
CVE-2021-44228
High
Unpatched
xmlsec
1.4.2
CVE-2024-1912
Medium
Upgrade available
left-pad-legacy
0.9.1
N/A
Governance
No maintainer
Release Decision Prompt
哪些項目足以影響上線決策?
是否可接受風險暫時上線,還是必須先修補?
若放行,應由誰簽署風險接受?