Just to say that with the PURL added to the Django package I got notified for the CVE. On 4/16/25 10:40 PM, Thomas Petazzoni wrote: > Hello, > > On Wed, 16 Apr 2025 22:06:17 +0200 > Thomas Perale <thomas.perale at mind.be> wrote: > >> DependencyTrack uses NVD annotation unfortunately. > And? Sorry, I'm not sure to follow you. > > Thomas