Statuses
These are the current workflow statuses for vulnerabilities.| Status | Meaning |
|---|---|
open | New vulnerability, not yet reviewed |
confirmed | Verified as a real issue |
needs_review | Requires human attention |
in_progress | Being worked on |
in_review | Fix submitted, under review |
resolved | Final state. Resolution required |
closed | Final state. Resolution required |
Status notes
- When you move a vulnerability to
resolvedorclosed, a resolution is required - Available transitions depend on the current status
- Reopening a final status is tracked as a regression and shown in the vulnerability detail view
Resolutions
Resolutions describe the outcome when a vulnerability is markedresolved or closed.
| Resolution | Meaning |
|---|---|
fixed | Issue was fixed |
wont_fix | Accepted risk, will not fix |
false_positive | Not a real issue |
duplicate | Same as another vulnerability |
cannot_reproduce | Unable to verify |
done | Completed |
rejected | System-only, set when analysis determines it is not a vulnerability |