When clicking on a CVE under the VM Explorer tied to a Dependabot alert I would expect to see a link to the out-dated dependency within GitHub. It doesn't show any details about where the alert came from.
For example, a dependabot Scanner ID of
"GitHubDependabot RVA_kwDOHBn6OM5wVKTm"
or Unique Identifier of "GitHubDependabot CVE-2021-26217" should point to
<REPO_URL>/security/dependabot/4
When clicking on a CVE under the VM Explorer tied to a Dependabot alert I would expect to see a link to the out-dated dependency within GitHub. It doesn't show any details about where the alert came from.
For example, a dependabot Scanner ID of
"GitHubDependabot RVA_kwDOHBn6OM5wVKTm"
or Unique Identifier of "GitHubDependabot CVE-2021-26217" should point to
<REPO_URL>/security/dependabot/4