Exposures Scanning - Get Results List


JFrog Xray
Content Type

Description:Lists all the results from the scan of a specific artifact.

Since: 3.59.4

Security:Requires a valid user with the "Read" permissions.

Usage: GET /api/v1/{category}/results?repo={repo}&path={path}

Query parameters:

  • repo -repository name

  • path -path to artifact

Pagination and Ordering: Setting pagination and ordering parameters is optional. The list of parameters includes:

  • page_num: Starting from 1 to any number of pages. default=1.

  • num_of_rows: Starting from 1 to any number of rows that are included in a page. default=10

  • order_by: status, jfrog_severity, exposure_id, description, file_path, cwe, fix_cost, outcomes

  • direction: asc/desc

Filters: Use the supported fields below to filter results. E.g. ?cwe=CWE-798,CWE-799

  • status

  • jfrog_severity

  • cwe

  • fix_cost

  • outcomes

Search:Input string will be searched for in the results' "description".

Produces: application/json

Sample Request 1

GET /api/v1/applications/results?repo=the_project&path=/backend/latest/manifest.json

Sample Response 1

    "data": [
        "status": "to_fix",
        "jfrog_severity": "high",
        "id": "EXP-1058-00001",
        "description": "Node.js does not enforce TLS on all web communications",
        "abbreviation": "REQ.WEB.NODE-JS.TLS",
        "cwe": {
          "cwe_id": "CWE-319",
          "cwe_name": "Cleartext Transmission of Sensitive Information"
        "outcomes": [
          "Traffic interception",
          "Traffic manipulation"
        "fix_cost": "medium"
    "total_count": 10

Sample Request 2

GET /api/v1/secrets/results?repo=the_project&path=/backend/latest/manifest.json&search=Python&order_by=fix_cost&status=to_fix&cwe=CWE-798

Sample Response 2

    "data": [
            "status": "to_fix",
            "jfrog_severity": "low",
            "id": "EXP-1519-00001",
            "description": "Hardcoded random buffer was found (Python)",
            "abbreviation": "REQ.PYTHON.HARDCODED-SECRETS",
            "cwe": {
                "cwe_id": "CWE-798",
                "cwe_name": "Use of Hard-coded Credentials"
            "outcomes": [
                "Credential extraction"
            "fix_cost": "low"
    "total_count": 1