# Solve a vulnerability
Here, we show how to list all vulnerabilities for a repository and how to go about and solve them.
To see the list of all vulnerabilities for a repository, click the repository name in the "Repositories" view.
In this case, a single vulnerability is detected, with a high severity score of 9.8. Click on the name of the vulnerability, "CVE-2018-18074", to see details about the vulnerability.
- Through analysis, we conclude that our application is indeed affected by this vulnerability. We mark this by clicking on "Flag as vulnerable".
- Next, we need to take action to solve the issue. Click "Suggested fix" to view a possible solution.
For more information about the details view, see here.
The next step is to update the dependency file.
- Update the package via the package manager, in this case pip:
pip install 'requests>=2.20.0'
- Upload the new commit containing the change
- Using integrations, just commit and push the updates
- Using manual upload, see below
Once scanning is completed, the repository should no longer have a vulnerability, marked by a 0 in the tab "Total Vulnerabilities".
Good job! You made it. Solving vulnerabilities is not always this easy though. For an in-depth tutorial on how to evaluate vulnerabilities and securing your products, read our guide on Evaluating vulnerabilities.
# Manual upload
To manually create a new commit for a repository and apply the corresponding dependency file, perform the following.
- Under the "Manage" tab, click "Manage dependency files"
- Choose the updated dependency file
- Apply it to the repository
- Apply it to a new commit
- Wait for analysis to complete