Description: Retrieves Contextual Analysis Data per vulnerability.
Since: 3.59.4
Security: Requires a valid user with the "Read" permissions.
Usage: GET xray/api/v1/cve_applicability?component_id={}&vulnerability_id={}&source_comp_id={}&path={}
Required Parameters:
Parameter | Description |
|---|---|
| One of artifact/build/bundle component ID, used to identify the artifact for which results should be returned. If the ID is of an artifact, all artifacts with this ID will be considered. If the ID is of a build or a release bundle, all artifacts which are direct children of the build/bundle will be considered. |
| ID of vulnerability. Example:XRAY-140308 |
Optional Parameters:
Parameter | Description |
|---|---|
| If given, only a result matching that component will be returned. If not given, returned results will contain data for any component in the artifact. Example:pypi://PyYAML:3.10 |
| If given, will be used to identify the specific artifact that is relevant. Otherwise, going only by component_id can result in aggregation of results from several artifacts. Only relevant for artifacts (not build/bundle). Example:docker_containers/pyyaml_3_10_app/1/manifest.json |
| If given, will be used to identify the specific artifact that is relevant. Otherwise, going only by component_id can result in aggregation of results from several artifacts. Only relevant for artifacts (not build/bundle). Example: 147764179185893785 |
Sample Response
{
"applicability": *bool,
"scan_status": int8,
"scanner_available": bool,
"Items": [
{
"scanner_available": bool,
"component_id": string, # of the artifact
"source_comp_id": string,
"cve_id": string,
"scan_status": int8, # 0 for started, 1 for done
"applicability": *bool,
"info": string,
"details": [ # Might be empty
{
"file_path": string,
"details": string
},
...
]
}
...
]
}