Posture

| Severity | Count |
|---|---|
| critical | 1 |
| high | 4 |
| medium | 2 |
| low | 5 |

Ownership
Findings (14)

| Severity | Finding | Tool | Category | Status | Score |
|---|---|---|---|---|---|
| info | Outdated lodash with prototype pollution | Scout Suite | CSPM | triaged | 9.1 |
| high | Path traversal in file download endpoint | OWASP ZAP | DAST | open | 6 |
| low | Dependency confusion risk on internal package | Semgrep | SAST | open | 5.1 |
| low | Insecure deserialization in message queue consumer | TruffleHog | Secrets | open | 7.7 |
| info | Insecure deserialization in message queue consumer | Burp Pro PenTest | PenTest | open | 9 |
| high | Dependency confusion risk on internal package | tfsec | IaC | open | 9.2 |
| high | SQL Injection in user-input handler | CodeQL | SAST | open | 9.1 |
| critical | Hardcoded AWS access key in source | Checkov | IaC | false positive | 8.6 |
| medium | Open Redis without auth | Contrast RASP | RASP | open | 7 |
| low | Excessive Kubernetes RBAC privileges | Semgrep | SAST | accepted | 7.8 |
| low | Container running as root | Wiz | CSPM | open | 4.6 |