Posture

| Severity | Count |
|---|---|
| critical | 1 |
| high | 4 |
| medium | 9 |
| low | 8 |
Ownership
Findings (27)

| Severity | Finding | Tool | Category | Status | Score |
|---|---|---|---|---|---|
| high | Terraform module pins old AMI with CVEs | Snyk | SCA | open | 8.4 |
| low | Race condition in payment idempotency | Dependabot | SCA | open | 6 |
| info | S3 bucket publicly readable | Gitleaks | Secrets | open | 6.3 |
| low | Race condition in payment idempotency | Checkmarx | SAST | false positive | 5.9 |
| high | Insecure deserialization in message queue consumer | Trivy | Container | open | 4.3 |
| info | Excessive Kubernetes RBAC privileges | Trivy | Container | triaged | 4.8 |
| low | Dependency confusion risk on internal package | Semgrep | SAST | open | 5.1 |
| low | IAM role with wildcard permissions | TruffleHog | Secrets | open | 9.2 |
| low | Log4Shell vulnerable dependency | Prowler | CSPM | triaged | 9.1 |
| medium | Cross-site Scripting in profile renderer | OWASP ZAP | DAST | open | 5.4 |
| medium | Container running as root | Wiz | CSPM | open | 6.6 |
| medium | Dependency confusion risk on internal package | Trivy | Container | open | 8.2 |
| medium | Missing rate limiting on /login | TruffleHog | Secrets | open | 6.1 |
| low | Terraform module pins old AMI with CVEs | Contrast RASP | RASP | accepted | 9.8 |
| low | Terraform module pins old AMI with CVEs | Contrast RASP | RASP | open | 7.9 |
| medium | Missing CSP header on auth pages | Cloudflare WAF | WAF | accepted | 4.9 |
| medium | Log4Shell vulnerable dependency | Burp Suite | DAST | accepted | 9 |
| medium | Dependency confusion risk on internal package | Semgrep | SAST | open | 7.1 |
| high | Path traversal in file download endpoint | Gitleaks | Secrets | open | 6 |
| medium | Race condition in payment idempotency | Dependabot | SCA | open | 9.4 |
| info | JWT signed with weak HS256 secret | Scout Suite | CSPM | accepted | 9.6 |
| info | S3 bucket publicly readable | Semgrep | SAST | open | 5.1 |
| critical | Excessive Kubernetes RBAC privileges | OWASP ZAP | DAST | open | 9.9 |