π‘οΈ Sentinel-D β Dormant Vulnerability Decision Required
| Field |
Value |
| CVE ID |
CVE-2023-34362 |
| Severity |
CRITICAL |
| Affected Package |
progress-moveit-transfer @ 2023.0.0 |
| Fix Version Range |
>=2023.0.1 |
| File |
config/dependencies.json |
| Line Range |
12 β 12 |
| Repository |
sentinel-d/integration-test |
| Production Call Count (30d) |
0 (DORMANT β no production calls detected) |
π Historical DB Context
No historical data available.
π·οΈ Decision β Apply ONE Label
Choose one of the following labels to proceed:
sentinel/fix-now
Triggers the full Sentinel-D agentic remediation pipeline. The system will generate a patch, validate it in a sandbox, and open a PR if the confidence score is high enough.
sentinel/defer
Adds this vulnerability to the 30-day deferred backlog. Sentinel-D will re-evaluate after 30 days and re-open a decision issue if the vulnerability is still present.
sentinel/wont-fix
Records this as an accepted risk. Future Sentinel-D scans will not alert on this CVE in the affected file. Requires justification β please add a comment explaining why before applying this label.
β οΈ Auto-Escalation Warning: This issue will auto-escalate in 72 hours if no label is applied. The system will re-check production telemetry β if calls are now detected, the pipeline will be triggered automatically. Otherwise, the issue will be escalated to the security team lead.
π‘οΈ Sentinel-D β Dormant Vulnerability Decision Required
CVE-2023-34362CRITICALprogress-moveit-transfer@2023.0.0>=2023.0.1config/dependencies.json12 β 12sentinel-d/integration-testπ Historical DB Context
No historical data available.
π·οΈ Decision β Apply ONE Label
Choose one of the following labels to proceed:
sentinel/fix-nowsentinel/defersentinel/wont-fix