Description: Search for CVEs by the infected components
Security: Requires a valid user with "Admin" permissions. For Xray 3.8 and above, this only requires a valid user with the "Manage Reports'' role.
Usage: POST api/v1/component/searchCvesByComponents
Consumes: application/json
Produces: application/json
Request body:
Name | Type | Required/Optional | Description |
---|---|---|---|
| array | required | An array of component IDs to search for CVEs |
Response body:
Name | Type | Description |
---|---|---|
| string | The component ID |
| array | An array of CVEs associated with the component |
| string | Error message if component retrieval fails |
Example Usage: POST api/v1/component/searchCvesByComponents
Request Body
{ "components_id": ["gav://commons-collections:commons-collections:3.2.1","c2"] }
Sample Response:
[ { "component": "gav://commons-collections:commons-collections:3.2.1", "cves": [ "CVE-2017-15708" ] }, { "component": "c2", "error": "Failed to get component", "cves": [] } ]
Response Codes
Status Code | Description |
---|---|
200 | Valid Response |
415 | Failed to parse request |
500 | Failed to search CVEs of components |