Vulnerability Details

Vulnerability Detail information includes:

The Vulnerability Class is the name of the general type of vulnerability — for example, cross-site scripting or sql injection.
The Vulnerability ID is the Sentinel ID for this specific vulnerability.
"Located In" gives the path to the vulnerability (the URL for a site or the repository path for an application).
"Opened On" is the date the vulnerability was reported.
"Days Open" is the number of days the vulnerability is or was open.
"Status" is open, closed, accepted, mitigated, or invalid. (Please see "Vuln Status.")
"Compliance" indicates whether this vulnerability is affected by a compliance policy (e.g. PCI compliance, other customer-identified compliance policy).
In addition, the Ask a Question tab is available:

If you need more information about the vulnerability than is available in the Description & Solution tab, you can use the Ask a Question tab for clarification. Questions submitted here are routed directly to our engineers, bypassing the Synopsys Software Integrity Community.

Ask a Question

To ask a question using the Vulnerability Management functions, perform the following steps:

Click Findings.
Select a Vuln ID from the Vulnerability Management page.
Select Ask a Question.
Click the Ask a Question icon.
Type a Question in the text field provided.
Click Submit to send your question to the Threat Research Center.

Previous questions and responses can be reviewed in the Ask a Question section.

Finally, if there is a recommended patch available for the vulnerability in question, it will be available under the Directed Remediation tab, located to the right of Ask a Question. Here you can review and download recommended patches.

Additional tabs at the top of the Vulnerability Detail Screen allow you to see the application overview, scan configuration, libraries, and file coverage information.