Skip to content

av alerts get

Show the full detail for a single alert: its RED / YELLOW / GREEN status with reasoning, the CVE, and every matched package.

Terminal window
av alerts get <alertId> --project <projectId> [flags]

av alerts get renders a key/value detail block for one alert - status, acknowledged, the verdict’s reasoning, and the CVE’s id, severity, CVSS, EPSS, KEV flag and description - followed by a table with one row per matched package: its ecosystem, version, dependency kind (direct or transitive, with , dev appended for dev-only dependencies), the suggested fix, the fix summary, and where the package was discovered (repo:path, with (+N more) when it was found in several places).

Resolved alerts are included in the lookup, so a resolved alert is still retrievable by its id. --json prints the raw alert object instead of the detail view.

Alert ids come from the API - grab one from the list command’s --json output.

Flag Default Description
--project - Project ID the alert belongs to (required)
--json false Output raw JSON instead of a detail view

Show the full detail for an alert:

Terminal window
av alerts get 01a3f8c2-7b4d-4f6a-9c0d-2e5b8a1f3c7d --project 7f3d2a91-4c8e-4b0a-9f6d-1e5a8c2b7d43
Alert 01a3f8c2-7b4d-4f6a-9c0d-2e5b8a1f3c7d
Status Red
Acknowledged no
Reasoning axios 0.21.1 is a direct runtime dependency and falls inside the advisory's vulnerable range.
CVE CVE-2026-1097
Severity High
CVSS 7.5
EPSS 0.89
KEV no
Description Server-side request forgery in axios redirect handling.
Matched packages
PACKAGE ECOSYSTEM VERSION KIND SUGGESTED FIX FIX SUMMARY DISCOVERED IN
axios Npm 0.21.1 direct 1.12.2 Major upgrade - potential breaking changes web-app:package.json

Pull one field from the raw alert with --json:

Terminal window
av alerts get 01a3f8c2-7b4d-4f6a-9c0d-2e5b8a1f3c7d --project 7f3d2a91-4c8e-4b0a-9f6d-1e5a8c2b7d43 --json | jq -r '.reasoning'

Find an alert id from the list output, then fetch its detail:

Terminal window
av alerts --project 7f3d2a91-4c8e-4b0a-9f6d-1e5a8c2b7d43 --json | jq -r '.alerts.items[0].id'
av alerts get <alertId> --project 7f3d2a91-4c8e-4b0a-9f6d-1e5a8c2b7d43
Code Meaning
0 Alert found and rendered
1 Error - not logged in, alert not found: <id>, or the API request failed
  • av alerts - list a project’s alerts with the RED/YELLOW/GREEN summary
  • av alerts ack - acknowledge an alert, optionally with a note