Skip to main content
Each scope can return a finding with details about a vulnerability. A finding improves explainability by attaching comprehensive information such as CVSS scores, advisories, evidence (including decompiled code and annotations), and other metadata. Findings are created using one of the methods provided by VulHunt listed below: Each method accepts a table with the following fields:
The “BTP Only” column indicates fields that are only relevant when a VulHunt rule is executed on the Binarly Transparency Platform.

Reference

name

CVE ID or unique identifier for the vulnerability finding.

description

A short summary or description of the vulnerability or finding.

provenance

A ProvenanceTable describing the origin and context of a component related to the finding.

cwes

A table of CWE identifiers associated with the finding.

mbcs

A table of MBC (Malware Behavior Catalog) identifiers associated with the finding.

cvss

The CVSS information for the finding.

advisory

URL to the official advisory related to the vulnerability.

identifiers

A table of identifiers for the finding (e.g., CVE, GHSA, OSV, etc.).

variants

A list or map of variant objects describing related vulnerabilities or variations.

patch

URL to the patch that addresses the vulnerability.

source

URL to the source file or repository where the vulnerability was found.

evidence

Evidence details supporting the finding, such as code snippets or annotations.

notes

Notes related to the vulnerability or the finding, provided as a table of title/text pairs.

references

Additional references related to the vulnerability, provided as a table of title/URL pairs.

Example