Vulnerability Remediation

The Vulnerability Remediation page provides detailed information on the vulnerabilities that are affecting your projects. It can be accessed by clicking the Remediations link from the hamburger menu in the upper-right corner or by clicking any vulnerability on the Portfolio page.

Vulnerability List

On the left-hand side of the page is a list of all of the vulnerabilities found in any of your project's most recent analyses. This data includes the vulnerability base score, vulnerability name, what software is affected, and the number of projects in which this vulnerability is present.

The vulnerability list can be sorted by impact (the number of projects affected by a vulnerability), severity (the severity score of a vulnerability, or the vulnerability name alphabetically.

The search box allows you to search for a vulnerability name.

Vulnerability Details

The information to the right of the list of vulnerabilities will change based on which vulnerability has been selected. At the top is the detailed information about the selected vulnerability. This data includes:

• Vulnerability Name
• CVSS Score - Both CVSS versions 2 and 3 will be present when available.
• Base Score Metrics
• Remediation Information when available

Projects Affected

Beneath the vulnerability details is a list of all active projects that are affected by the selected vulnerability. This list includes the project name, the version of the project, and the total number of vulnerabilities affecting it. Selecting any of the projects in this list will take you to the most recent analysis details for that project.