semgrep — RealVuln Scanner Detail

Repository	F2	Recall	Precision	TP	FP	FN
damn-vulnerable-flask-application	30.9	33.3	23.8	5	16	10
damn-vulnerable-graphql-application	6.7	5.7	22.2	2	7	33
djangoat	20.1	20.0	20.4	10	39	40
dsvpwa	21.3	18.8	46.2	6	7	26
dsvw	0.0	0.0	0.0	0	0	27
dvblab	33.9	36.4	26.7	8	22	14
dvpwa	10.2	9.1	20.0	2	8	20
extremely-vulnerable-flask-app	11.9	10.7	21.4	3	11	25
flask-xss	12.9	10.7	75.0	3	1	25
insecure-web	48.1	55.6	31.2	5	11	4
intentionally-vulnerable-python-application	30.3	28.6	40.0	2	3	5
lets-be-bad-guys	39.8	37.5	52.9	9	8	15
owasp-web-playground	13.3	20.7	5.5	6	104	23
pygoat	21.8	25.7	13.5	18	115	52
python-insecure-app	0.0	0.0	0.0	0	0	8
pythonssti	55.6	50.0	100.0	1	0	1
threatbyte	8.8	8.3	11.8	2	15	22
vampi	0.0	0.0	0.0	0	0	13
vfapi	13.5	11.1	100.0	1	0	8
vulnerable-api	30.3	28.6	40.0	4	6	10
vulnerable-flask-app	16.0	15.0	21.4	3	11	17
vulnerable-python-apps	10.0	9.1	16.7	2	10	20
vulnerable-tornado-app	7.7	7.1	11.1	1	8	13
vulnpy	18.7	16.7	37.1	13	22	65
vulpy	23.0	22.2	26.7	12	33	42

Repository	Broken Access Co..	Code Injection /..	Command / OS Inj..	Denial of Service	Hardcoded Creden..	HTTP Header Inje..	Insecure Deseria..	Missing Authenti..	Open Redirect	Other	Path Traversal	Security Misconf..	Sensitive Data E..	SQL Injection	Server-Side Requ..	XPath Injection	Cross-Site Scrip..	XML External Ent..
damn-vulnerable-flask-application	—	100%	0%	—	0%	—	—	0%	—	0%	—	—	—	0%	—	—	100%	0%
damn-vulnerable-graphql-application	0%	—	0%	0%	0%	—	—	0%	—	9%	0%	0%	0%	100%	0%	—	0%	—
djangoat	0%	100%	0%	—	0%	—	100%	0%	0%	8%	0%	50%	0%	100%	—	—	43%	—
dsvpwa	—	—	100%	—	0%	—	100%	0%	0%	0%	0%	0%	0%	100%	0%	—	33%	—
dsvw	—	0%	0%	0%	0%	0%	0%	—	0%	0%	0%	0%	0%	0%	0%	0%	0%	0%
dvblab	0%	—	—	—	0%	—	100%	0%	—	25%	—	100%	0%	100%	—	—	—	—
dvpwa	—	—	—	—	—	—	—	0%	—	11%	—	0%	0%	100%	—	—	0%	—
extremely-vulnerable-flask-app	0%	—	—	0%	0%	—	100%	0%	—	0%	—	25%	0%	50%	0%	—	0%	—
flask-xss	0%	—	—	—	50%	—	—	0%	100%	12%	—	0%	0%	0%	—	—	0%	—
insecure-web	—	—	—	—	0%	—	—	0%	—	33%	—	100%	—	100%	—	—	100%	—
intentionally-vulnerable-python-application	—	—	0%	—	0%	—	100%	—	—	50%	—	—	—	0%	0%	—	0%	—
lets-be-bad-guys	0%	67%	—	—	0%	—	—	0%	100%	57%	100%	33%	0%	0%	—	—	0%	—
owasp-web-playground	0%	—	—	—	0%	—	100%	0%	—	11%	—	100%	0%	100%	0%	—	0%	0%
pygoat	0%	50%	67%	—	0%	—	100%	0%	—	23%	100%	33%	0%	100%	100%	—	14%	0%
python-insecure-app	—	—	—	—	0%	—	—	—	—	0%	—	0%	0%	—	0%	—	0%	—
pythonssti	—	—	—	—	—	—	—	—	—	0%	—	—	—	—	—	—	100%	—
threatbyte	0%	—	—	—	0%	—	—	0%	—	11%	0%	0%	0%	100%	0%	—	0%	—
vampi	0%	—	—	0%	0%	—	—	0%	—	0%	—	—	0%	0%	—	—	—	—
vfapi	—	—	—	—	—	—	—	0%	—	100%	—	—	0%	0%	—	—	—	—
vulnerable-api	—	—	—	—	0%	100%	—	0%	—	67%	0%	—	0%	100%	0%	—	0%	—
vulnerable-flask-app	0%	—	—	—	0%	—	100%	—	—	14%	0%	—	0%	100%	—	—	0%	0%
vulnerable-python-apps	—	—	—	—	0%	—	50%	0%	—	0%	0%	—	0%	0%	100%	—	0%	—
vulnerable-tornado-app	—	—	0%	—	0%	—	—	0%	—	0%	0%	0%	0%	100%	—	—	0%	—
vulnpy	—	67%	33%	0%	—	—	100%	—	—	12%	0%	0%	—	67%	0%	0%	25%	0%
vulpy	0%	—	0%	—	0%	—	—	0%	—	27%	0%	0%	0%	100%	—	—	0%	—