Change theme
Help
Press space for more information.
Show links for this issue (Shortcut: i, l)
Copy issue ID
Previous Issue (Shortcut: k)
Next Issue (Shortcut: j)
Sign in to use full features.
Vote: I am impacted
Notification menu
Refresh (Shortcut: Shift+r)
Go home (Shortcut: u)
Pending code changes (auto-populated)
View issue level access limits(Press Alt + Right arrow for more information)
Unintended behavior
View staffing
Description
Problem you have encountered:
We're encountering an issue with vulnerability scanning and VEX document uploads. While VEX documents are successfully uploaded via the artifact registry (AR) URL, these updates aren't reflected in the container image vulnerability scan results displayed in the user interface. Essentially, the system acknowledges the VEX upload, but the UI isn't properly reflecting the updated CVE statuses.
What you expected to happen:
The UI should reflect the VEX status correctly.
Steps to reproduce:
Requirement : Artifact registry with Scanning enabled
[1]https://cloud.google.com/artifact-analysis/docs/create-vex
[2]https://cloud.google.com/artifact-analysis/docs/upload-vex
[3]https://cloud.google.com/artifact-analysis/docs/view-vex
Important Note :
VEX feature is still under preview.