Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
01eadebe
Commit
01eadebe
authored
Nov 03, 2020
by
Nick Gaskill
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Apply 1 suggestion(s) to 1 file(s)
parent
e335c120
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
19 additions
and
13 deletions
+19
-13
doc/user/application_security/coverage_fuzzing/index.md
doc/user/application_security/coverage_fuzzing/index.md
+19
-13
No files found.
doc/user/application_security/coverage_fuzzing/index.md
View file @
01eadebe
...
...
@@ -228,20 +228,26 @@ After a vulnerability is found, you can [interact with it](../index.md#interacti
By clicking on one of the detected vulnerabilities, you can
see the details. You can also view the vulnerability from the
[
Security Dashboard
](
../security_dashboard/index.md
)
,
which shows you an overview of all the security vulnerabilities in your groups, projects and pipelines.
Clicking the vulnerability opens a modal which provides additional information about the vulnerability.
-
Status:
-
Project:
By clicking on one of the detected vulnerabilities, you can see the details. You can also view the
vulnerability from the
[
Security Dashboard
](
../security_dashboard/index.md
)
,
which shows you an overview of all the security vulnerabilities in your groups, projects, and
pipelines.
Clicking the vulnerability opens a modal that provides additional information about the
vulnerability:
-
Status: The vulnerability's status. As with any type of vulnerability, a coverage fuzzing
vulnerability can be Detected, Confirmed, Dismissed, or Resolved.
-
Project: The project in which the vulnerability exists.
-
Crash type: The type of crash or weakness in the code. This typically maps to a
[
CWE
](
https://cwe.mitre.org/
)
.
-
Crash state:
-
Stacktrace snippet:
-
Identifiers:
-
Severity:
-
Scanner:
-
Scanner Provider:
-
Stacktrace snippet: The last few lines of the stacktrace, which shows details about the crash.
-
Identifier: The vulnerability's identifier. This maps to either a
[
CVE
](
https://cve.mitre.org/
)
or
[
CWE
](
https://cwe.mitre.org/
)
.
-
Severity: The vulnerability's severity. This can be Critical, High, Medium, Low, Info, or Unknown.
-
Scanner: The scanner that detected the vulnerability (for example, Coverage Fuzzing).
-
Scanner Provider: The engine that did the scan. For Coverage Fuzzing, this can be any of the
engines listed in
[
Supported fuzzing engines and languages
](
#supported-fuzzing-engines-and-languages
)
.
### Glossary
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
