How do I know when software has been successfully matched?

As soon as you see a Matched status with an NVD token on your dependency component row in the Products table, this indicates that we've found an exact match with software in the NVD. The fact that your software is in the NVD means that it has reported vulnerabilities, so if you switch to the Vulnerabilities page, you'll start seeing any vulnerabilities associated with any dependency components in this product version.

If your dependency components have other match statuses, refer to:

Resolve a Multiple matches status
Resolve a Not found status with NOT IN NVD token
Resolve a Matched status with NOT IN NVD and package manager token

For more information, check out matching statuses and rules and match sources.

PreviousDashboard (home)NextGet a warning icon next to your dependency component version?

Last updated 28 days ago