02-10-2025 11:56 PM - edited 02-11-2025 12:07 AM
Hello, here's the story:
We have an integration with Git-Lab, and recently the access token expired. We have reintegrated Git-Lab with Prisma, and we noticed that the vulnerabilities that were there a long time ago have disappeared, but not all of them.
Can anyone explain why this is happening?
(the information says that the scan is running)
As the official documentation says:
"For each vulnerability identified in an SCA scan, Prisma Cloud contextualizes it as a Common Vulnerabilities and Exposures (CVE) for open source package managers."
02-11-2025 07:36 AM
Hi O.Chentsov,
I am not sure I am following your question. Did you re-integrate your Gitlab with Prisma with a renewed token?
Are you asking why the re-integrated Gitlab is showing less findings than before?
Can you please elaborate?
02-11-2025 08:02 AM
Yes, of course 🙂
Yes, I have re-integrated my access token and everything seems to be fine, the status of the repositories on Prisma is green and the scan information is displayed when I scan them.
But previously, in Application Security > Code > Projects, I had selected the repositories I needed and set the code categories: Vulnerabilities, Secrets and saw the presence of about 170 critical vulnerabilities in packages and images. But after I reintegrated GitLab, those 170 vulnerabilities just disappeared.
And I had a question. Could they be outdated and simply disappear after reintegration?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
