# The Vulnerable packages tab

Every package Seal has discovered with at least one open vulnerability appears in this tab. It is the day-to-day triage surface.

## Columns

| Column                    | Contents                                                                                  |
| ------------------------- | ----------------------------------------------------------------------------------------- |
| **Package**               | The package name (for example, `ejs`, `commons-text`, `requests`).                        |
| **Version**               | The specific package version Seal has discovered (for example, `2.7.4`).                  |
| **Ecosystem**             | The package's ecosystem (for example, npm, Maven, PyPi).                                  |
| **Project**               | The Seal Project this row belongs to.                                                     |
| **Vulnerabilities**       | The vulnerabilities affecting this package, with severity.                                |
| **Last scanned / pulled** | The most recent time Seal saw this package, whichever discovery mode produced the signal. |

Each row also has a state badge (Sealed, Pending deploy, Ready to seal, Version in progress, Generate available, or Unfixable) and an actions menu. The state badge values are documented in [Package states](https://github.com/seal-community/gitbook/blob/main/new-docs/discovering/protection-page/package-states.md).

The default sort is by **severity, descending** (most severe rows at the top). All columns marked above are sortable.

## Filters

| Filter                | What it narrows                                                                                                                                     |
| --------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Search**            | Free-text search across package names and CVE identifiers.                                                                                          |
| **Ecosystem**         | Show only one ecosystem at a time.                                                                                                                  |
| **Project**           | Show only rows from one Seal Project.                                                                                                               |
| **Availability**      | Show rows in a specific package state (Sealed, Pending deploy, Ready to seal, Generate available, and so on).                                       |
| **Visibility**        | Show all rows, only visible rows, or only hidden rows.                                                                                              |
| **Development token** | Filter rows by the type of [token](/new-documentation/new-docs/tokens.md) that authenticated the activity. Default: production-token activity only. |
| **Dev dependency**    | Include or exclude [development dependencies](/new-documentation/new-docs/glossary.md#dev-dependency). Default: excluded.                           |

The two filters narrow the default view in different ways and are independent: a row excluded by one is not necessarily excluded by the other.

## Per-row actions

The actions available depend on your role.

| Action                                                                                                                             | Roles                       |
| ---------------------------------------------------------------------------------------------------------------------------------- | --------------------------- |
| **Seal** (the primary button on a row that has a sealed version available; creates a Sealing Rule using the safest sealed version) | Admin, Sealer               |
| **Seal in all projects** (apply the rule across every project where this package and version appear)                               | Admin, Sealer               |
| **Generate fix** (the action behind the **Generate available** state)                                                              | Admin, Sealer, Collaborator |
| **Hide package** / **Unhide package** (toggle the row's visibility on the Protection page)                                         | Admin, Sealer, Collaborator |

A **Download report** action above the table exports the current filtered set as a Vulnerable Packages report. See [Reports Manager](https://github.com/seal-community/gitbook/blob/main/new-docs/using-the-platform/reports-manager/README.md).

## Related

* [Package states](https://github.com/seal-community/gitbook/blob/main/new-docs/discovering/protection-page/package-states.md): the meaning of each state badge and the transitions between them.
* [Triggering Generate fix](https://github.com/seal-community/gitbook/blob/main/new-docs/discovering/protection-page/generate-fix.md): the action behind the Generate available state.
* [Sealing Rules](https://github.com/seal-community/gitbook/blob/main/new-docs/using-the-platform/sealing-rules/README.md): what the **Seal** button creates.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sealsecurity.io/new-documentation/new-docs/protection-page/vulnerable-packages-tab.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.