Posture
critical: 1
high: 3
medium: 6
low: 2
Ownership
Findings (14)
info | Dependency confusion risk on internal package | Gitleaks (Secrets) | open | 8.2
medium | Path traversal in file download endpoint | Gitleaks (Secrets) | open | 8.7
low | Container running as root | Scout Suite (CSPM) | triaged | 10
medium | Terraform module pins old AMI with CVEs | Cloudflare WAF (WAF) | open | 7.1
high | Dependency confusion risk on internal package | Checkmarx (SAST) | open | 8.4
critical | Race condition in payment idempotency | Cloudflare WAF (WAF) | open | 8.3
medium | Outdated lodash with prototype pollution | Semgrep (SAST) | open | 9.8
high | Missing rate limiting on /login | Snyk (SCA) | open | 7.8
medium | Log4Shell vulnerable dependency | Prowler (CSPM) | open | 9.5
medium | Missing rate limiting on /login | Cloudflare WAF (WAF) | accepted | 5.6
low | Dependency confusion risk on internal package | Trivy (Container) | triaged | 6.7
medium | Terraform module pins old AMI with CVEs | Prowler (CSPM) | open | 9.7