← Back to Dashboard

sonarqube

Scanner detail · 26 repositories scored · generated 2026-04-21 13:55 UTC
F3
7.1
F3 Score (strict)
F2
7.9
F2 Score (strict)
6.5%
Recall (strict)
61.1%
Precision (strict)
26
Repos Scored
Per-Repository Breakdown TP / FP / FN
Per-Repository Scores click headers to sort
Repository F2 Recall Precision TP FP FN
damn-vulnerable-flask-application 0.0 0.0 0.0 0 0 15
damn-vulnerable-graphql-application 0.0 0.0 0.0 0 0 35
djangoat 0.0 0.0 0.0 0 0 50
dsvpwa 0.0 0.0 0.0 0 0 32
dsvw 0.0 0.0 0.0 0 0 27
dvblab 0.0 0.0 0.0 0 0 22
dvpwa 0.0 0.0 0.0 0 0 22
extremely-vulnerable-flask-app 16.9 14.3 66.7 4 2 24
flask-xss 0.0 0.0 0.0 0 0 28
insecure-web 37.5 33.3 75.0 3 1 6
intentionally-vulnerable-python-application 0.0 0.0 0.0 0 0 7
lets-be-bad-guys 38.1 33.3 88.9 8 1 16
owasp-web-playground 0.0 0.0 0.0 0 0 29
pygoat 18.2 15.7 50.0 11 11 59
python-app 23.0 20.0 57.1 4 3 16
python-insecure-app 0.0 0.0 0.0 0 0 8
pythonssti 0.0 0.0 0.0 0 0 2
threatbyte 0.0 0.0 0.0 0 0 24
vampi 0.0 0.0 0.0 0 0 13
vfapi 0.0 0.0 0.0 0 0 9
vulnerable-api 0.0 0.0 0.0 0 0 14
vulnerable-flask-app 0.0 0.0 0.0 0 0 20
vulnerable-python-apps 20.4 18.2 40.0 4 6 18
vulnerable-tornado-app 0.0 0.0 0.0 0 0 14
vulnpy 7.9 6.4 100.0 5 0 73
vulpy 11.1 9.3 55.6 5 4 49
Detection by Severity
critical
12%
TP 10 / FP 0 / FN 76
high
6%
TP 14 / FP 0 / FN 228
medium
7%
TP 20 / FP 1 / FN 262
low
0%
TP 0 / FP 0 / FN 66
CWE Family Heatmap recall by repository
Repository Broken Access Co.. Code Injection /.. Command / OS Inj.. Denial of Service Hardcoded Creden.. HTTP Header Inje.. Insecure Deseria.. Missing Authenti.. Open Redirect Other Path Traversal Security Misconf.. Sensitive Data E.. SQL Injection Server-Side Requ.. XPath Injection Cross-Site Scrip.. XML External Ent..
damn-vulnerable-flask-application 0% 0% 0% 0% 0% 0% 0% 0%
damn-vulnerable-graphql-application 0% 0% 0% 0% 0% 0% 0% 0% 0% 0% 0% 0%
djangoat 0% 0% 0% 0% 0% 0% 0% 0% 0% 0% 0% 0% 0%
dsvpwa 0% 0% 0% 0% 0% 0% 0% 0% 0% 0% 0% 0%
dsvw 0% 0% 0% 0% 0% 0% 0% 0% 0% 0% 0% 0% 0% 0% 0% 0%
dvblab 0% 0% 0% 0% 0% 0% 0% 0%
dvpwa 0% 0% 0% 0% 0% 0%
extremely-vulnerable-flask-app 0% 0% 100% 100% 0% 0% 0% 0% 0% 0% 0%
flask-xss 0% 0% 0% 0% 0% 0% 0% 0% 0%
insecure-web 0% 0% 0% 0% 100% 100%
intentionally-vulnerable-python-application 0% 0% 0% 0% 0% 0% 0%
lets-be-bad-guys 0% 67% 100% 0% 100% 0% 100% 0% 0% 0% 75%
owasp-web-playground 0% 0% 0% 0% 0% 0% 0% 0% 0% 0% 0%
pygoat 0% 50% 33% 33% 33% 0% 0% 100% 0% 0% 0% 100% 14% 100%
python-app 0% 50% 0% 0% 0% 100% 0% 0% 50% 0%
python-insecure-app 0% 0% 0% 0% 0% 0%
pythonssti 0% 0%
threatbyte 0% 0% 0% 0% 0% 0% 0% 0% 0% 0%
vampi 0% 0% 0% 0% 0% 0% 0%
vfapi 0% 0% 0% 0%
vulnerable-api 0% 0% 0% 0% 0% 0% 0% 0% 0%
vulnerable-flask-app 0% 0% 0% 0% 0% 0% 0% 0% 0%
vulnerable-python-apps 25% 0% 0% 20% 100% 0% 0% 100% 0%
vulnerable-tornado-app 0% 0% 0% 0% 0% 0% 0% 0% 0%
vulnpy 0% 67% 0% 0% 0% 0% 0% 0% 0% 0% 25% 0%
vulpy 0% 0% 62% 0% 0% 0% 0% 0% 0% 0%
CWE Family Detection aggregate
RealVuln Benchmark · GitHub · kolega.dev