Vulnerabilities

What is Vulnerability?

A security flaw, glitch, or weakness found in software code that could be exploited by an attacker (threat source).

To understand the overall risk of a software, it is important to understand the vulnerabilities of the direct as well as the transitive dependencies.

Understanding Vulnerabilities

• Count of components that are vulnerable is displayed towards left, along with the category of the components (open-source, private, third-party, unknown).

• The vulnerability count is displayed towards the right, grouped by severity (critical, high, medium, low).

• Each tile is clickable which will list down the components applicable to that filter in a table view. The details will list the component name, version, total vulnerabilities and a capsule for vulnerabilities details.

• By clicking the vulnerabilities capsule, next level details will be shown as below.

• By clicking on any row, the sidesheet shows up as shown below.