Skip to main content

View SCA vulnerability details

Vulnerabilities represent the set of security concerns across a project or workspace. Viewing vulnerability details allows you to view information across all versions of a specific vulnerability, such as libraries in which the agent-based scan has found it.

Unlike issues of type Vulnerability, Veracode SCA counts each vulnerability only once within the context of a workspace, even if the same library and corresponding vulnerabilities exist across multiple projects. Also, you cannot ignore vulnerabilities, which means the number of vulnerabilities could be greater than the number of issues of type Vulnerability.

To complete this task:

  1. In the Veracode Platform, select Scans & Analysis > Software Composition Analysis.

  2. Click the Agent-Based Scan tab.

  3. Select a workspace.

  4. If you want to view vulnerabilities for an individual project, click Projects and select a project.

  5. Select the Vulnerabilities tab.

  6. In the list of vulnerabilities, select the Vulnerability link for a given issue:

    Clicking this link takes you to the Veracode Vulnerability Database where you can view the vulnerability details in the left navigation menu.