SonarQube Vulnerability Severity Changes


We’re working on monthly vulnerability trends, but some vulnerabilities show consistent severity fluctuations, complicating tracking. We’re seeking insights into the reasons behind these changes to enhance our understanding. I shared an example image below.


It looks like these issues are coming from GitHub - dependency-check/dependency-check-sonar-plugin: Integrates Dependency-Check reports into SonarQube

I would suggest asking the maintainer.