Generate a SAST General Vulnerability report

The SAST General Vulnerability report includes these details:

  • Vulnerability name: Links to the vulnerability details in the Contrast web interface.

  • Vulnerability type: For example, cryptography or injection.

  • Severity: The Contrast vulnerability severity: critical, high, medium, low, or note.

  • Language: The language of the code where Contrast found the vulnerability.

  • Vulnerable file name: Name of the file where Contrast discovered the vulnerability.

  • Vulnerable line number: Line number in the file where Contrast discovered the vulnerability.

  • Status: The Contrast status for the vulnerability: Reported, Confirmed, Suspicious, Not a problem, Remediated, Remediated - Auto-Verified, or Fixed.

  • Code snippet: A portion of the code where Contrast Scan found the vulnerability.

  • CWE (if available): A link to the relevant Common Weakness Enumeration (CWE).

  • OWASP: A link to the OWASP page for the vulnerability.

This report can include up to 3,000 vulnerabilities.

Steps

  1. Select Scans in the header.

  2. Select a scan project.

  3. Select the Reports icon located at the top-right of the Scan project page.

  4. Select Generate SAST General Vulnerability Report.

  5. After Contrast generates the report, it prompts you to download it.