What is this?

The report on the left shows you how many known-vulnerabilities are present in your master branch right now. You can reduce the number of known-vulnerabilities in your software by upgrading libraries to non-vulnerable versions, or by removing vulnerable libraries from your system altogether.

Why is this important for me?

Known-vulnerabilities in software libraries are the #1 attack vector for data breaches. Attackers might abuse vulnerable libraries to take down your systems, exfiltrate sensitive data, or as a stepping stone to breach other systems.

How are severity levels calculated?

Security researchers use NIST's CVSS guidelines to calculate severity scores when publishing vulnerabilities. Severity scores above 7.0 are considered high. Scores above 9.0 are considered critical.