{{ finding.title }}
Change {{ auto_resolve_change.change_id }}
— adapter {{ auto_resolve_change.rescan_adapter }} did not re-emit this fingerprint
on the most recent {{ auto_resolve_change.notes.split('stage=')[1].split(' ')[0] if 'stage=' in (auto_resolve_change.notes or '') else 'scan' }}-stage scan
({{ auto_resolve_change.last_state_at|localtime }}).
The scanner is treating this finding as fixed/gone. If that's wrong (e.g. the file was moved
rather than fixed), revert the Change from its detail page — subsequent absent re-scans
will respect the revert and not re-auto-resolve.
This finding came from intel_match, which cross-references manifest text against external CVE feeds via token overlap.
It is not ground truth that the affected product is in use — only that a word in this app's manifest
({{ finding.evidence.get('matched_tokens', [])|join(', ') }}) appeared in the feed's CVE title/summary.
Severity is capped at HIGH for unverified matches even when the CVE is on CISA KEV.
Verify by opening the advisory below and confirming the product/version matches what's actually deployed —
if it doesn't, dismiss this finding.
Description
{{ finding.description }}
Remediation
{{ finding.remediation }}
Evidence
| {{ k }} | {{ v }} |
Affected
| {{ k }} | {{ v }} |
Compliance evidence
-
{% for c in finding.compliance %}
- {{ c }} {% endfor %}
References
-
{% for r in finding.references %}
- {{ r }} {% endfor %}
Related intel external feed coverage for CVE{{ 's' if cve_ids|length > 1 else '' }} mentioned in this finding
CVE{{ 's' if cve_ids|length > 1 else '' }} in this finding:
{% for c in cve_ids %}{{ c }}{% if not loop.last %}, {% endif %}{% endfor %}.
Intel feeds supplement the scanner's own data — the finding above is the source of truth for what's in your code;
these rows show what external feeds are saying about the same CVE.
| CVE | Severity | CVSS | Title | Source feed | Published | Fetched |
|---|---|---|---|---|---|---|
| {% if r.item.link %}{{ r.item.cve_id }}{% else %}{{ r.item.cve_id }}{% endif %} | {% if r.item.severity %}{{ r.item.severity }}{% else %}—{% endif %} | {{ '%.1f'|format(r.item.cvss) if r.item.cvss is not none else '—' }} | {{ r.item.title }} | {{ r.feed_name }} | {{ r.item.published }} | {{ r.item.fetched_at|localtime }} |
No intel matches yet for these CVEs. Configured feeds may not have surfaced them, or none of your feeds cover this CVE source. Add or fetch feeds on Feeds.
{% endif %}Remediation
{% if existing_changes %}This finding already has {{ existing_changes|length }} change(s):
-
{% for c in existing_changes %}
-
{{ c.change_id }}— {{ c.state.value }} {{ c.summary }}
{% endfor %}
Auto-fix available via {{ remediators|join(', ') }}. Proposed changes are reviewable before any file is touched; backups are taken automatically.
{% else %} {% endif %} View remediation queue