Skip to content

--severity-threshold is ignored #264

Open
Open
--severity-threshold is ignored#264
Assignees
emmanuelgautier
Labels
enhancementNew feature or request
@igor-sosnowicz

Description

@igor-sosnowicz
igor-sosnowicz
opened on May 23, 2025

Withe the following command
vulnapi scan curl -X 'POST'
'http://127.0.0.1:8000/register'
-H 'accept: application/json'
-H 'Content-Type: application/json'
-d '{
"first_name": "string",
"last_name": "string",
"email": "string@gmail.com",
"password": "string",
"role": "candidate"
}' --report-format table --severity-threshold 7.0

...

OPERATION RISK LEVEL CVSS 4.0 SCORE OWASP ISSUE
POST /register Medium 5.1 API8:2023 Security CORS Headers are missing
Misconfiguration
Medium 5.1 API8:2023 Security CSP frame-ancestors policy is
Misconfiguration not set
Medium 5.1 API8:2023 Security X-Frame-Options Header is
Misconfiguration missing
Info 0.0 API8:2023 Security Service Fingerprinting
Misconfiguration
Info 0.0 API8:2023 Security Operation May Accepts
Misconfiguration Unauthenticated Requests
Info 0.0 API8:2023 Security X-Content-Type-Options Header
Misconfiguration is missing
Info 0.0 API8:2023 Security CSP Header is not set
Misconfiguration
Info 0.0 API8:2023 Security HSTS Header is missing
Misconfiguration

I should have received issue with the severity level >= 7.0, but I get all of them.

Thank you for your efforts in advance!

Metadata

Metadata

Assignees

Labels

enhancementNew feature or request

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions