Posture
critical: 2
high: 3
medium: 4
low: 3
Ownership
Findings (16)
critical | Log4Shell vulnerable dependency | Gitleaks | Secrets | open | 4.2
low | Unencrypted RDS snapshot | Gitleaks | Secrets | false positive | 8.5
medium | SSRF in webhook fetcher | Dependabot | SCA | open | 7.2
high | Missing CSP header on auth pages | Checkmarx | SAST | open | 7.7
medium | IAM role with wildcard permissions | Semgrep | SAST | open | 8.6
info | Path traversal in file download endpoint | Checkov | IaC | accepted | 6.5
info | Missing CSP header on auth pages | OWASP ZAP | DAST | false positive | 5.3
info | Cross-site Scripting in profile renderer | Checkov | IaC | open | 5.3
high | Excessive Kubernetes RBAC privileges | Wiz | CSPM | open | 4.2
low | Dependency confusion risk on internal package | Scout Suite | CSPM | open | 4.4
critical | Open Redis without auth | Snyk | SCA | open | 6.7
medium | Path traversal in file download endpoint | Trivy | Container | open | 9.2
info | Path traversal in file download endpoint | Gitleaks | Secrets | triaged | 9.6
low | Path traversal in file download endpoint | Semgrep | SAST | open | 8.6