Code vulnerabilities are weaknesses in a software system that can be exploited by attackers to gain unauthorized access, steal sensitive data, or cause other types of harm. Being able to recognize and fix these vulnerabilities is important because it helps to protect the system and its users from potential attacks and breaches. This topic is one of the most pressing security issues that the software industry is dealing with nowadays. Our interest in the issue of ensuring that the open-source components used in SAP's products are free of (known) vulnerabilities is what motivated us to continue with this work. The vulnerability management process of a software with open source components is a challenging problem due to its dependence on non-reliable standard sources of advisories and vulnerability data.