Skip to main content

Checkmarx SCA Release Notes June 2023


These release notes relate to the SCA standalone product. Users who consume SCA through Checkmarx One should refer to the Checkmarx One release notes to see which SCA features have been released in Checkmarx One.


The IgnoreVulnerability and UnignoreVulnerability APIs, which had been used for triaging SCA vulnerabilities, will be deprecated on July 7. They have been replaced by the new Management of Risk API, which supports applying any Checkmarx One state and adding comments. We recommend migrating to the new API well in advance of the July 7 deadline.

Improvements and Bug Fixes





Exploitable Path

We added support for scanning cshtml files using the the Exploitable Path queries.

SCA Resolver Releases

We released the following new version of SCA Resolver:


The complete changelog, and links to download SCA Resolver are available here.

Version 2.2.5

  • For Nuget, improved detection of package versions used by the framework at runtime.

  • For Bower, Improved dependency resolution.