Get Contextual Analysis per Vulnerability V1

Xray REST APIs

Products
JFrog Xray
Content Type
REST API
ft:sourceType
Paligo

Description: Retrieves Contextual Analysis data for vulnerability

Since: 3.54

Security: Requires a valid user with the "Read" permissions

Usage: GET /xray/api/v1/cve_applicability

Produces: application/json

Query parameters:

Name

Type

Required/Optional

Description

component_id

string

required

Component id is the resource id (artifact/build/release-bundle).

Component id is not unique, all relevant results returned.

If the id is of a build or a release bundle, all artifacts which are direct children of the build/bundle will be considered.

Examples:

docker://pyyaml_3_10_app:1

build://example-build:1

releaseBundleV2://[release-bundles-v2]/docker-rbv2:4

vulnerability_id

string

required

Xray id

Example: XRAY-95701

source_comp_id

string

optional

Source component id is the SBOM package that the vulnerability originates from. If given, only a result matching that component will be returned. If not given, returned results will contain data for any component in the artifact.

Example:

pypi://PyYAML:3.10

path

string

optional

If given, will be used to identify the specific artifact that is relevant. Otherwise, going only by component_id can result in aggregation of results from several artifacts. Only relevant for artifacts (not build/release-bundle).

Example:

docker-local/rabbitmq/latest/manifest.json maven-local/student-services-security-0.0.1-20230711.143048-1.jar

user_issue_id

string

optional

If given, will be used to identify the specific artifact that is relevant. Otherwise, going only by component_id can result in aggregation of results from several artifacts. Only relevant for artifacts (not build/bundle).

Example:

147764179185893785

Response body:

Name

Type

Description

scanner_available

boolean

Indicates if the scanner is available for this vulnerability

applicability

boolean

Applicability status of the vulnerability

scan_status

integer

Scan status for the vulnerability

items

Array [ItemObj]

Array of results

ItemObj:

Name

Type

Description

scanner_available

boolean

Indicates if the scanner is available for this vulnerability.

component_id

string

sha256 of the artifact.

source_comp_id

string

Source component ID for the vulnerability.

cve_id

string

CVE ID for the vulnerability.

scan_status

integer

Scan status for the vulnerability.

applicability

boolean

Applicability status of the vulnerability.

scanner_explanation

string

Explanation from the scanner regarding the vulnerability.

info

string

Additional information about the vulnerability.

details

string

Details of the vulnerability.

Response codes:

Status code

Description

200

OK

400

Bad request - Required fields are missing

403

Permission denied

Example request - repository

Url:

/xray/api/v1/cve_applicability?component_id=docker://xmas:policy&vulnerability_id=XRAY-95701&path=docker-local/app/latest/manifest.json

Example request build

Url:

/xray/api/v1/cve_applicability?vulnerability_id=XRAY-95701&component_id=build://docker-build:1

Example of successful response:

200 OK
{
    "scanner_available": true,
    "applicability": true,
    "scan_status": 1,
    "items": [
        {
            "scanner_available": true,
            "component_id": "596c488dd640ebe772259ecb88b703db768b1aa53cc12396044bf798d526cc92",
            "cve_id": "CVE-2020-1747",
            "scan_status": 1,
            "applicability": true,
            "scanner_explanation": "<p>The scanner checks whether any of the following vulnerable functions are called:</p>\n<ul>\n<li><code>yaml.full_load()</code></li>\n<li><code>yaml.load()</code> only unsafe calls (without specifying <code>SafeLoader</code> as the <code>Loader</code>class).</li>\n</ul>",
            "details": [
                {
                    "file_path": "/applicable/main.py",
                    "details": "Evidence: yaml.full_load(f), Line Number: 4, Issue Found: The vulnerable function yaml.full_load/load is called"
                },
                {
                    "file_path": "/applicable/main2.py",
                    "details": "Evidence: yaml.load(f, Loader=yaml.FullLoader), Line Number: 4, Issue Found: The vulnerable function yaml.full_load/load is called"
                }
            ],
            "source_comp_id": "pypi://PyYAML:5.2",
            "info": "The vulnerable function yaml.full_load/load is called"
        }
    ]
}

Example error response:

400 Bad request
{
    "error": "Badly formatted request"
}