- Checkmarx Documentation
- Checkmarx SCA
- Checkmarx SCA Release Notes
- Checkmarx SCA Release Notes March 2025
Checkmarx SCA Release Notes March 2025
Notice
These release notes relate to the SCA standalone product. Users who consume SCA through Checkmarx One should refer to the Checkmarx One release notes to see which SCA features have been released in Checkmarx One.
Warning
The IgnoreVulnerability and UnignoreVulnerability APIs, which had been used for triaging SCA vulnerabilities, will be deprecated soon. They have been replaced by the new Management of Risk API, which supports applying any Checkmarx One state and adding comments. We recommend migrating to the new API soon.
SCA Updates
Global Inventory Improvements
We added the following functionality to the Vulnerabilities and Malware tab of the Global Inventory & Risks.
Added the “Secure Version” column, indicating whether or not a remediated version of the package is available. You can sort and filter for this column.
The EPSS score is now shown in a separate column (not under Exploitability). You can now sort and filter for EPSS.
SCA Resolver
Download the latest version here.
Version 2.12.14 (Mar 25, 2025)
Improved the export process for risk reports.
For SwiftPM, added support for version 3 of lock file
package.resolved
.
Version 2.12.11 (Mar 18, 2025)
For Nuget, fixed resolution for projects that include private packages.