> ## Documentation Index
> Fetch the complete documentation index at: https://docs.minimus.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Advisory Drill-Down

> Drill down on a specific advisory to learn more about the risk and the affected images

Drill down on a specific advisory to see the following details:

* Overview of the severity, exploitability label, date published, and last update
* Description of the vulnerability quoted from NVD or GitHub advisories with a link to view the CVE listing directly in the NVD database

## Internal advisory tabs

Advisory data is organized internally by tabs to make the information easy to interpret.

### Origin packages

Each advisory describes one origin package impacted by a single vulnerability. Minimus groups advisories together by vulnerability to simplify the display. Package-specific information for each of the affected origin packages is shown in expandable cards. Expand each card to see the advisory status, version information, fixed image version and more.

<Frame caption="Grouped advisory showing CVE-2025-47914 impacted 285 packages">
  <img src="https://mintcdn.com/gutsy-6162adbc/_X0J2TZFc5vwxlE1/images/grouped-by-vulnerability.png?fit=max&auto=format&n=_X0J2TZFc5vwxlE1&q=85&s=c6ad1554f7a05277248aea546e092698" alt="Grouped By Vulnerability" width="2560" height="1229" data-path="images/grouped-by-vulnerability.png" />
</Frame>

<Info>
  When drilling down from the advisories table, a filter is applied by default for the specific origin package. Clear the filter to see all packages affected by the same vulnerability.
</Info>

Filter the advisory by the origin package to see more details. Every origin package card shows:

* Affected images
* The current advisory status (fixed, unaffected, pending upstream fix, etc.)
* Fixed package version (if available)
* Fixed image version (if available) with a direct link to view the [image version card](/foundations/image-version)
* Date when the advisory was last updated

### Fix version information

If the package and associated images have already been fixed, the fixed image versions will be provided with direct links to view the image cards.

<Frame>
  <img src="https://mintcdn.com/gutsy-6162adbc/E15i6tB2QLVvLmZH/images/links-fixed-images.png?fit=max&auto=format&n=E15i6tB2QLVvLmZH&q=85&s=522c68a30cd118c0021b776a7c8ac4b5" alt="Links Fixed Images" width="2560" height="1229" data-path="images/links-fixed-images.png" />
</Frame>

If the package was already fixed, but the fixed image is still pending the build, the **fixed image version** will clearly state that it is **pending image build**.

<Frame>
  <img src="https://mintcdn.com/gutsy-6162adbc/E15i6tB2QLVvLmZH/images/pending-image-build.png?fit=max&auto=format&n=E15i6tB2QLVvLmZH&q=85&s=347ab758ecbb0bb5b07fd72049dbee5e" alt="Pending Image Build" width="2560" height="1229" data-path="images/pending-image-build.png" />
</Frame>

### Severity

The Severity tab shows severity details with the CVSS vector details and CVSS version information.

### Exploitability

The exploitability tab shows details about CISA KEV and EPSS probability and percentile rank scores.

### References

The references tab shows links to recommended reference material.

## Status history

For every affected package, expand the listing to view a history of the advisory statuses. You will see when the advisory came under review and the different updates provided with the rationale, when applicable.

Examples for status notes:

* If a package is listed as unaffected by the CVE, it will explain why the advisory is a false-positive. For example, the vulnerable code may not be present in the Minimus package.
* If a fix is not planned, the note will explain why. For example the package may have reached its end-of-life (EOL).