Skip to main content

Overview

The vulnerability detail view is where you review evidence, update status, assign owners, and create tickets. For definitions of severity, impacts, and vulnerability types, see Vulnerabilities and Impacts.

Page layout

  • Header tabs: Overview, Analysis when call hierarchies exist, Activity
  • Watch button: toggle watching and see watcher count
  • Main content: type specific sections on the left, with a right sidebar for status and metadata
  • Comments: shown below the main content on the Overview tab

Detail view by vulnerability type

Overview tab, left column
  • Description: code snippet with highlighted lines and analysis context. The context can show confirmed vulnerable or exploitable evidence, a Needs Review state when human review is required, or non-exploitable or non-vulnerable analysis. Fixing advice appears when available.
  • Locations: table with Container, Line, and Branch/Ref columns
Analysis tab
  • Call hierarchy selector and either data flow analysis or function analysis
  • Step by step analysis with code excerpts when available
  • Status and resolution: shows the current lifecycle state and resolution. See Statuses and Resolutions. Human review required callouts group active escalation sources and reasons, show path counts when multiple locations need review, and include the timestamp when available.
  • Snooze: request a temporary snooze, review a pending snooze request, approve or reject requests when permitted, cancel your own request, or clear an active snooze. See Snoozes.
  • Analysis: vulnerable and exploitable flags, severity, CWE, and fixing complexity when available. Definitions are in Vulnerabilities and Impacts.
  • Assignment: current assignee and reassignment controls. For automated routing, see Auto assignment.
  • Ticketing: linked tickets and create ticket action. When no Jira or Linear integration is active in the workspace, this section shows a placeholder pointing to settings instead of the create action. See Tickets.
  • Introduced by: author and first detected timestamp for non dependency vulnerabilities
  • Impacts: impact categories shown as icons. See Impacts.

Activity tab

The Activity tab shows a timeline of key events such as status changes, comments, and system activity.