Add more CWE / CVE information into the vulnerability details UI

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

Problem

Today the information we provide about any given vulnerability is varied and often limited. This makes an investigation and subsequent dismissal or remediation difficult, especially for developers. One of our goals should be to inform the user how to fix the vulnerability they've introduced as well as give them information on how to prevent introducing it in the future.

Example:

Our details:

Screen_Shot_2019-05-21_at_3.13.37_PM

Details on cwe-918 https://cwe.mitre.org/data/definitions/918.html

you'll notice the cwe.mitre link has a lot of useful information that could help with remediation and prevention.

Goal:

  • Discuss how we might inject more information about a vulnerability into our UI so the user does not have to leave the application to learn what they need to about any given vulnerability.

  • Identify what information is needed and what's preventing us from displaying that today.

Edited by 🤖 GitLab Bot 🤖