...

In addition, WhiteSource uses a proprietary patent-pending algorithm that matches the specific component with its vulnerability, resulting in a database that contains more than 175,000 vulnerabilities. These are collected on a daily basis from the National Vulnerability Database (NVD) and other resources and repositories such as RubyOnRails, RetireJS, NodeSecurity and GitHub issue tracker.

Vulnerability Types

There are two types of vulnerabilities:

...

The vulnerability identifier (Vulnerability ID) of either the CVE or WS type can be found in the Vulnerabilities Report. Clicking the Vulnerability ID link displays the vulnerability details, the CVSS3 base score metrics (when available), the vulnerable libraries, links to MITRE sources, a link to the library's CVE web page (when relevant), and provides fixes (if they exist).
For example:

...

and Security Alerts: View by Vulnerability screen.

Viewing and Utilizing Vulnerabilities Information

WhiteSource provides detailed information regarding any vulnerabilities that in your products might have, as described in the following sections.

...

The vulnerability identifier (Vulnerability ID) of either the CVE or WS vulnerability type can be found in the Vulnerabilities Report. Clicking the vulnerability identifier link in the Vulnerability ID column navigates you to the Security Vulnerability screen where more specific information is provided about the vulnerability.

Security Vulnerability Screen

...