Type: FindingClass

Enumeration of the different classes of Findings in the system.


  • CODE_SMELL: A maintainability-related issue in the code. Leaving it as-is means that at best maintainers will have a harder time than they should making changes to the code. At worst, they'll be so confused by the state of the code that they'll introduce additional errors as they make changes.
  • INFORMATION: Finding is informational only. There are no security issues directly contained within this Finding, but new security issues could be generated through enrichments against this finding.
  • VULNERABILITY: A weakness that can be exploited by an attacker. A vulnerability does not need to by tied to a CVE or other known vulnerability source. In the case in which there is no reported vulnerability, this type of issue is a 0-day vulnerability.
  • WEAKNESS: A security issue identified in code, a configuration, or a binary which could potentially by exploited by an attacker. Weaknesses should be tied to at least one CWE.

This page was generated: 2024-05-17