Each scope can return a finding with details about a vulnerability.
A finding improves explainability by attaching comprehensive information such as CVSS scores, advisories, evidence (including decompiled code and annotations), and other metadata.
Findings are created using one of the methods provided by VulHunt listed below:
Each method accepts a table with the following fields:
The “BTP Only” column indicates fields that are only relevant when a VulHunt
rule is executed on the Binarly Transparency Platform.
Reference
name
CVE ID or unique identifier for the vulnerability finding.
description
A short summary or description of the vulnerability or finding.
provenance
A ProvenanceTable describing the origin and context of a component related to the finding.
cwes
A table of CWE identifiers associated with the finding.
mbcs
A table of MBC (Malware Behavior Catalog) identifiers associated with the finding.
cvss
The CVSS information for the finding.
advisory
URL to the official advisory related to the vulnerability.
identifiers
A table of identifiers for the finding (e.g., CVE, GHSA, OSV, etc.).
variants
A list or map of variant objects describing related vulnerabilities or variations.
patch
URL to the patch that addresses the vulnerability.
source
URL to the source file or repository where the vulnerability was found.
evidence
Evidence details supporting the finding, such as code snippets or annotations.
notes
Notes related to the vulnerability or the finding, provided as a table of title/text pairs.
references
Additional references related to the vulnerability, provided as a table of title/URL pairs.
Example