GitHub Advanced Code Security - does it give alerts on new CVEs for archived release artifacts?

[mloeser21]

Select Topic Area

Question

Body

Let's say I release a new binary to a customer each month - during the release I scan it for CVEs, especially w.r.t. the OSS components.
But will GitHub Advanced Security alert me on new CVEs that come up for any of my previous release artifacts so that I can patch them for customers who desire to stay on an older release train?
Thanks!

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬