View Python package vulnerabilities

Preview

This feature is subject to the "Pre-GA Offerings Terms" in the General Service Terms section of theService Specific Terms. Pre-GA features are available "as is" and might have limited support. For more information, see thelaunch stage descriptions.

Premium and Enterpriseservice tiers

This page describes how you can view the vulnerabilities in Pythonpackages that were detected by Notebook Security Scanner.

Filter package vulnerability findings

For Notebook Security Scanner, you can filter the package vulnerability findingsby using the category, source display name, severity, and project ID.

  1. Go to the Security Command CenterFindings page.

    Go to Findings

  2. In the project selector, select the project or organizationfor which you need to view the package vulnerability findings.

    TheFindings page displays findings only for the project or organization that youselected.

  3. In theQuick filters section, select one or more of the following:

    • In theCategory section, selectPackage vulnerability.
    • In theProject ID section, select your project ID.
    • In theSource display name section, selectNotebook Security Scanner.
    • In theSeverity section, select the required severity value.

    TheFindings page displays a list of findings that match the typeyou selected.

View older package vulnerability findings

By default, the Security Command CenterFindings page displays only active packagevulnerability findings that are less than seven days old.

If you want to view package vulnerability findings that are older thanseven days and have not been addressed, do the following:

  1. Go to the Security Command CenterFindings page.

    Go to Findings

  2. In the project selector, select the project or organizationfor which you need to view the package vulnerability findings.

    TheFindings page displays findings only for the project or organization that youselected.

  3. In theTime range list, select the required time range.

    You can also add more filters such asSource display name andCategory.

  4. If you want to view the package vulnerability findings that are published after aparticular timestamp, do the following:

    1. ClickEdit Query.

    2. In theQuery Editor, add a condition oncreate_time andparent_display_name.

      The following example query displays the active package vulnerabilityfindings that are created after 2024-07-16.

      state="ACTIVE"AND NOT mute="MUTED"AND parent_display_name="Notebook Security Scanner"AND create_time > "2024-07-16"

What's next

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2026-02-20 UTC.