SOOS reports the Common Vulnerability Scoring System (CVSS) Base Score for each CVE and/or GHSA* found in your project scans.   

For more information about CVEs in your project, including whether or not they are exploitable, refer to the SOOS vulnerability research database.  Access this database in one of 3 ways:

  1. Select Research in the left nav menu in the app, then click Vulnerabilities to navigate to the vulnerability research database home page.
  2. Select the Research chip associated with a specific CVE to navigate directly to the vulnerability research page for that CVE.
  3. Visit the following URL to navigate to the vulnerability research database home page: 


*GHSA = GitHub Security Advisory vulnerability, located in the GitHub Advisory Database; These vulnerabilities may also be associated with a CVE identifier from the National Vulnerability Database (NVD)