Help Center/ CodeArts Governance/ FAQs/ Binary Software Composition Analysis (SCA)/ How Do I View the Path of a File that Has Vulnerabilities?
Updated on 2025-06-05 GMT+08:00

How Do I View the Path of a File that Has Vulnerabilities?

You can view the patch in one of the following ways.

  • Method 1: Go to the report details page, click the Open-Source Software Vulnerabilities tab page, and click a component name. In the displayed drawer, hover the cursor over the path of the component to check it. You can also click the button on the right to copy the path.

  • Method 2: Open the report details page and choose Download Report > PDF Report. After the file is generated, choose Download Report > Export to PDF. You can view the file path of the corresponding component by referring to chapter 3 in the PDF report.

  • Method 3: On the report details page and choose Download Report > Excel Report. After the file is generated, choose Download Report > Export to Excel. Go to the component report or vulnerability report sheet in the Excel to view the file path of the corresponding component.

    Directories at each level are separated by a slash (/). If a directory has been scanned, an underscore and a slash (_/) will be displayed. For example, this file path is displayed: scrm-service-weixin.jar_/BOOT-INF/classes/libWeWorkFinanceSdk_Java.so. In this case, decompress scrm-service-weixin.jar and view the BOOT-INF/classes/libWeWorkFinanceSdk_Java.so and to check whether the open-source software exists or whether it is correct.

    CodeArts Governance will also check the files in subdirectories. Method 1 shows subdirectories by level with indentation at the beginning of each line. For methods 2 and 3, subdirectories are separated by colons (:).