This time the latest critical git vulnerabilities are detected by Nexus IQ.
I made the conclusion that Nexus IQ yum analysis is based on ossindex.sonatype.org to operate,
which is a completely outdated repository, only 2 git versions are referenced:
Hi @ericth - thanks for your post! We only support RPMs from the EPEL repositories at this time.
I would suggest visiting the Sonatype Ideas portal and submitting an idea - that you would like us to ingest RPMs from repositories other than the EPEL repositories.
You can also encourage others to vote for your idea and track its progress - someone from our team will reach out there if you submit an idea as well.