Whilst downloading a new model, ACR will scan your application for Java libraries to check potential security risks and duplicate classes. To access the results, you can navigate to Java libraries in the left side menu.
You will see an overview of all the Java libraries that have security riks and/or duplicate classes. By default, we order the vulnerable jars on their security risk status (1) and we only show jars that have vulnerabilites. The different statuses are:
- Critical
- High
- Medium
- Low
We review the jar files against the NIST database for security vulnerabilities to give you insight into your jar files’ security risks, and have adopted their implied security risk statuses per jar.
If you perfer to order the results by jar name (2) or duplicate classes (3) or you want to include all the jars that have no issues (4) we have you covered too.