- Checkmarx Documentation
- Checkmarx SCA
- Checkmarx SCA Release Notes
- Checkmarx SCA Release Notes December 2024
Checkmarx SCA Release Notes December 2024
Notice
These release notes relate to the SCA standalone product. Users who consume SCA through Checkmarx One should refer to the Checkmarx One release notes to see which SCA features have been released in Checkmarx One.
Warning
The IgnoreVulnerability and UnignoreVulnerability APIs, which had been used for triaging SCA vulnerabilities, will be deprecated soon. They have been replaced by the new Management of Risk API, which supports applying any Checkmarx One state and adding comments. We recommend migrating to the new API soon.
Support for CVSS 4.0
We have added support for the CVSS 4.0 scoring system, which uses additional metrics to provide better granularity and further refine the scoring methodology. We now show the CVSS 4.0 score for each vulnerability that has such a score. When no CVSS 4.0 score is available, we continue to use the most recent available score from previous scoring systems (3.1 or 2.0).
SCA Resolver Releases
Version 2.12.3 (Dec 12, 2024)
Improved logging for the project creation process
Fixed issue with manifest file upload on Windows operating systems
Fixed issue with certificate expiration for Windows binary digital signing
For Nuget, improved package version resolution for
Directory.Packages.propsandDirectory.Build.propsfiles.
Download the latest version here.