ContextQMD
Back to Gitlabhq

Vulnerability archival

doc/user/application_security/vulnerability_archival/_index.md

18.11.22.2 KB
Original Source

{{< details >}}

  • Tier: Ultimate
  • Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated

{{< /details >}}

{{< history >}}

  • Introduced in GitLab 18.0 with a flag named vulnerability_archival. Disabled by default.

{{< /history >}}

[!flag] The availability of this feature is controlled by a feature flag. For more information, see the history.

To ensure the GitLab database remains performant, vulnerabilities are archived monthly from the database. Vulnerabilities that were last updated more than one year ago are archived. A vulnerability is updated every time a change is made, for example, when its status is changed.

Archived vulnerabilities remain available for download for an additional 3 years, after which they are deleted.

Vulnerability metrics, such as those in the security dashboard and value streams dashboards, include statistics on archived vulnerabilities.

Archival process

Every month, the vulnerability archival process runs and does the following:

  • Archives vulnerabilities last updated more than 12 months ago.

    Archived vulnerabilities are deleted from the vulnerability report. To retrieve their details, download the relevant vulnerability archive.

  • Deletes archives created more than 3 years ago.

Vulnerability archive

A vulnerability archive is a CSV file containing details of all vulnerabilities that were archived in a specific month or year, or within a specific date range.

Download a vulnerability archive

Download a vulnerability archive to search or analyze the details it contains.

Prerequisites:

  • You must have the Owner role for the project or the read_vulnerability_archive permission.

To download a vulnerability archive:

  1. In the top bar, select Search or go to and find your project or group.
  2. Select Secure > Security configuration, then select Vulnerability Management.
  3. To download details of all vulnerabilities archived:
    • For a specific year, in the row for that year, select Download all.
    • For a specific year and month, expand the year, then in the row for that month select Download ({{< icon name="download" >}}).

The selected vulnerability archive is downloaded as a CSV file.