Skip to main content

Vulnerability Lookup

The vulnerability lookup view allows the user to search for Sonatype-proprietary and CVE vulnerabilities.

There are two ways to access this page: directly from the navigation bar or by clicking on the vulnerabilities identified when Vulnerabilities List.

The Vulnerability List Report will show the result of searching for that particular vulnerability.

The page is comprised of two sections: the search box and the vulnerability details.


Vulnerability lookup is an exact match search using vulnerability ID as an input.

Find will send a request to our data services and return the latest information we have about a vulnerability. The vulnerability need not have been already identified in any of your applications or repositories scanned by IQ Server.

The Vulnerability Details

Once a lookup is performed with a valid vulnerability ID, or if coming directly from a link in the Vulnerability List Report, the page will show the details corresponding to that particular vulnerability.


Within these results, the user can find detailed information about a vulnerability, such as an explanation of what comprises the vulnerability, relevant links to more information, severity scores, detection, recommendations, and whether or not the entry has gone through Fast Track or Deep Dive research.

Anonymous Vulnerability Lookup

You can look up a vulnerability without logging in.

A link to the vulnerability lookup page is now provided in the Login dialog:


When a lookup is performed anonymously, the provided vulnerability information is limited to the following vulnerability details:

  • Issue

  • Severity

  • Source

  • Explanation

  • CVSS Details