π‘οΈ Sentinel-D β Dormant Vulnerability Decision Required
| Field |
Value |
| CVE ID |
CVE-2023-32315 |
| Severity |
HIGH |
| Affected Package |
org.igniterealtime.openfire:openfire @ 4.7.4 |
| Fix Version Range |
>=4.7.5 |
| File |
pom.xml |
| Line Range |
30 β 30 |
| Repository |
sentinel-d/integration-test |
| Production Call Count (30d) |
0 (DORMANT β no production calls detected) |
π Historical DB Context
No historical data available.
π·οΈ Decision β Apply ONE Label
Choose one of the following labels to proceed:
sentinel/fix-now
Triggers the full Sentinel-D agentic remediation pipeline. The system will generate a patch, validate it in a sandbox, and open a PR if the confidence score is high enough.
sentinel/defer
Adds this vulnerability to the 30-day deferred backlog. Sentinel-D will re-evaluate after 30 days and re-open a decision issue if the vulnerability is still present.
sentinel/wont-fix
Records this as an accepted risk. Future Sentinel-D scans will not alert on this CVE in the affected file. Requires justification β please add a comment explaining why before applying this label.
β οΈ Auto-Escalation Warning: This issue will auto-escalate in 72 hours if no label is applied. The system will re-check production telemetry β if calls are now detected, the pipeline will be triggered automatically. Otherwise, the issue will be escalated to the security team lead.
π‘οΈ Sentinel-D β Dormant Vulnerability Decision Required
CVE-2023-32315HIGHorg.igniterealtime.openfire:openfire@4.7.4>=4.7.5pom.xml30 β 30sentinel-d/integration-testπ Historical DB Context
No historical data available.
π·οΈ Decision β Apply ONE Label
Choose one of the following labels to proceed:
sentinel/fix-nowsentinel/defersentinel/wont-fix