Description: Gets the Xray violations based on a set of search criteria
Security: Requires a user with Read permissions.
Notes: Starting from Xray version 3.42.3, JFrog Security CVE Research and Enrichment data is supported. Important notes:
The following fields are markdown text: short_description, full_description, remediation.
Extended information fields are not returned to Free Tier users.
Usage: POST /api/v1/violations
Consumes: application/json
Sample usage (all of the filter fields are optional):
POST /api/v1/violations
{
  "filters": {
    "name_contains": "Denial of service attack",
    "violation_type": "Security",
    "watch_name": "watch",
    "min_severity": "Medium",
    "created_from": "2018-06-06T12:22:16+03:00"
  },
  "pagination": {
    "order_by": "updated",
    "limit": 25,
    "offset": 1
  }
}
Operational Risk Sample Request
POST /api/v1/violations
{
  "filters": {
    "violation_type": "Operational_Risk",
    "watch_name": "watch",
    "min_severity": "Medium"
  },
  "pagination": {
    "order_by": "updated",
    "limit": 25,
    "offset": 1
  }
}
Sample response:
{
  "total_violations": 295,
  "violations": [
    {
      "description": "Amazon Digital Services License",
      "severity": "High",
      "type": "License",
      "infected_component": [
        "generic://sha256:72daef35b54f95a97e7da5ae2dd7cccecc71183788656083f35fdf6e0ca5a24f/opkg-4.3.54.jar"
      ],
      "created": "2018-05-29T17:30:49+03:00",
      "watch_name": "watch_license",
      "issue_id": "ADSL",
      "violation_details_url": "localhost:8000/api/v1/violations?watch_id=5b163b41ab1bdddbb2e16492&issue_id=XRAY-60763",
      "impacted_artifacts": [
        "arti1/libs-release-local/jfrog-artifactory-pro-5.9.0.zip"
      ]
    },
    {
      "description": "If a user of Commons-Email (typically an application programmer) passes unvalidated input as the so-called \"Bounce Address\", and that input contains line-breaks, then the email details (recipients, contents, etc.) might be manipulated.",
      "severity": "Low",
      "type": "Security",
      "infected_component": [
        "gav://org.apache.commons:commons-email:1.1"
      ],
      "created": "2018-06-06T12:21:18+03:00",
      "watch_name": "all",
      "issue_id": "XRAY-60829",
      "violation_details_url": "localhost:8000/api/v1/violations?watch_id=5b163b41ab1bdddbb2e16492&issue_id=XRAY-60829",
      "impacted_artifacts": [
        "arti1/libs-release-local/jfrog-artifactory-pro-5.9.0.zip"
      ]
    }
  ]
}
CVE Research and Enrichment Sample Response
{
  "total_violations": 1,
  "violations": [
    {
      "description": "urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.",
      "severity": "Critical",
      "type": "Security",
      "infected_components": [
        "pypi://urllib3:1.22"
      ],
      "created": "2021-11-30T06:40:10+02:00",
      "watch_name": "MyFirstWatch",
      "issue_id": "XRAY-74787",
      "violation_details_url": "http://localhost:8046/xray/api/v1/violations?watch_id=7c64876c5e206011ed08ce25&issue_id=XRAY-74787&comp_id=build:%2F%2Fexample-build:3.10.0",
      "impacted_artifacts": [
        "default/builds/example-build"
      ],
      "extended_information": {
        "short_description": "An information leak in urllib3 can lead to authentication bypass via leaked HTTP authorization client credentials",
        "full_description": "urllib3 does not remove the `Authorization` HTTP header when following redirects (even cross-origin redirects, that differ in host, port, or scheme)\r\n\r\nThis issue can be exploited when a client is using `urllib3` and the following conditions apply:\r\n1. The client uses some kind of HTTP authorization (`Basic`, `Digest`, etc.)\r\n2. The client initially contacts an HTTPS server\r\n3. The HTTPS server redirects the client to a non-HTTP server\r\n4. The attacker can sniff the data between the client and the HTTP server (possibly by using a MitM attack)\r\n\r\nThe issue is not relevant if the client originally contacts an HTTP server, since the `Authorization` header can be sniffed by an attacker from the original connection, regardless of this CVE.\r\n\r\nRed Hat also updated the original CVSS analysis, which was downgraded to [7.5](https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)",
        "jfrog_research_severity": "Medium",
        "jfrog_research_severity_reasons": [
          { "name": "The CVE can be remotely exploited", "is_positive": false },
          { "name": "The CVE has a published technical writeup", "is_positive": false },
          { "name": "The CVE has no exploit published", "is_positive": true },
          { "name": "The CVE has difficult prerequisites for exploitation", "description": "See CVE details for more information", "is_positive": true },
          { "name": "The initial CVSS was disputed by Red Hat, and downgraded to 7.5", "is_positive": true }
        ]
      }
    }
  ]
}
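As an added example (not part of the JFrog documentation), the following Python triages a parsed violations response: it uses the JFrog Research severity from extended_information when present (the field is absent for Free Tier users), accepts both the infected_component and infected_components spellings that appear in this page's samples, and collects the mitigating (is_positive) reasons so a reviewer can see why a scanner severity was downgraded. The embedded response is constructed from the page's samples with the long fields trimmed.

```python
from typing import Dict, List

SEVERITY_RANK = {"Low": 1, "Medium": 2, "High": 3, "Critical": 4}

# Constructed sample, modelled on the page's sample responses with long fields trimmed.
SAMPLE_RESPONSE = {
    "total_violations": 2,
    "violations": [
        {"description": "urllib3 before 1.23 keeps the Authorization header on cross-origin redirects",
         "severity": "Critical", "type": "Security", "issue_id": "XRAY-74787",
         "infected_components": ["pypi://urllib3:1.22"], "watch_name": "MyFirstWatch",
         "extended_information": {
             "jfrog_research_severity": "Medium",
             "jfrog_research_severity_reasons": [
                 {"name": "The CVE can be remotely exploited", "is_positive": False},
                 {"name": "The CVE has no exploit published", "is_positive": True},
                 {"name": "The CVE has difficult prerequisites for exploitation", "is_positive": True}]}},
        {"description": "Amazon Digital Services License", "severity": "High", "type": "License",
         "issue_id": "ADSL", "infected_component": ["generic://opkg-4.3.54.jar"],
         "watch_name": "watch_license"},  # no extended_information, as a Free Tier user would see
    ],
}

def components_of(v: Dict) -> List[str]:
    """The page's samples spell this key both ways; accept either."""
    return v.get("infected_components") or v.get("infected_component") or []

def effective_severity(v: Dict) -> str:
    """Prefer the JFrog Research severity when enrichment is present, else the scanner's."""
    ext = v.get("extended_information") or {}
    return ext.get("jfrog_research_severity") or v["severity"]

def triage(response: Dict, min_severity: str = "Medium") -> List[Dict]:
    """Keep violations whose effective severity meets the bar; flag downgrades and mitigating factors."""
    rows = []
    for v in response.get("violations", []):
        eff = effective_severity(v)
        if SEVERITY_RANK[eff] < SEVERITY_RANK[min_severity]:
            continue  # below the bar once the research severity is taken into account
        ext = v.get("extended_information") or {}
        reasons = ext.get("jfrog_research_severity_reasons") or []
        rows.append({"issue_id": v["issue_id"], "type": v["type"], "components": components_of(v),
                     "scanner_severity": v["severity"], "effective_severity": eff,
                     "downgraded": SEVERITY_RANK[eff] < SEVERITY_RANK[v["severity"]],
                     "mitigating_factors": [r["name"] for r in reasons if r.get("is_positive")]})
    return rows
```

Note that min_severity in the request filters on the scanner severity, so a server-side "High" filter would still return the urllib3 finding; the client-side bar here is applied to the research severity instead.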
Operational Risk Sample Response
{
  "total_violations": 1,
  "violations": [
    {
      "description": "Number of new versions and Version Age",
      "severity": "High",
      "type": "Operational_Risk",
      "infected_components": [
        "gav://joda-time:joda-time:2.9.9"
      ],
      "created": "2022-03-24T14:54:42+02:00",
      "watch_name": "OpRiskWatch",
      "issue_id": "1ea7a8e0904b4a6c1a837e8ab437e0892dd00ad203814f3b9edfd2a3d8be3b88",
      "violation_details_url": "http://test.jfrog.io/xray/api/v1/violations?watch_id=8d5a6d7364154c5c2455993a&issue_id=1ea7a8e0904b4a6c1a837e8ab437e0892dd00ad203814f3b9edfd2a3d8be3b88&comp_id=gav:%2F%2Forg.jruby:jruby-complete:9.2.0.0",
      "impacted_artifacts": [
        "default/generic-local/jruby-complete-9.2.0.0.jar"
      ],
      "applicability": null
    }
  ]
}
Exposures Violations Sample Response