Description: Retrieves Contextual Analysis data for vulnerability
Since: 3.54
Security: Requires a valid user with the "Read" permissions
Usage: GET /xray/api/v1/cve_applicability
Produces: application/json
Query parameters:
Name | Type | Required/Optional | Description |
---|---|---|---|
| string | required | Component id is the resource id (artifact/build/release-bundle). Component id is not unique, all relevant results returned. If the id is of a build or a release bundle, all artifacts which are direct children of the build/bundle will be considered. Examples:
|
| string | required | Xray id Example: |
| string | optional | Source component id is the SBOM package that the vulnerability originates from. If given, only a result matching that component will be returned. If not given, returned results will contain data for any component in the artifact. Example:
|
| string | optional | If given, will be used to identify the specific artifact that is relevant. Otherwise, going only by component_id can result in aggregation of results from several artifacts. Only relevant for artifacts (not build/release-bundle). Example:
|
| string | optional | If given, will be used to identify the specific artifact that is relevant. Otherwise, going only by component_id can result in aggregation of results from several artifacts. Only relevant for artifacts (not build/bundle). Example:
|
Response body:
Name | Type | Description |
---|---|---|
| boolean | Indicates if the scanner is available for this vulnerability |
| boolean | Applicability status of the vulnerability |
| integer | Scan status for the vulnerability |
| Array [ItemObj] | Array of results |
ItemObj:
Name | Type | Description |
---|---|---|
| boolean | Indicates if the scanner is available for this vulnerability. |
| string | sha256 of the artifact. |
| string | Source component ID for the vulnerability. |
| string | CVE ID for the vulnerability. |
| integer | Scan status for the vulnerability. |
| boolean | Applicability status of the vulnerability. |
| string | Explanation from the scanner regarding the vulnerability. |
| string | Additional information about the vulnerability. |
| string | Details of the vulnerability. |
Response codes:
Status code | Description |
---|---|
200 | OK |
400 | Bad request - Required fields are missing |
403 | Permission denied |
Example request - repository:
Url:
/xray/api/v1/cve_applicability?component_id=docker://xmas:policy&vulnerability_id=XRAY-95701&path=docker-local/app/latest/manifest.json
Example request build:
Url:
/xray/api/v1/cve_applicability?vulnerability_id=XRAY-95701&component_id=build://docker-build:1
Example of successful response:
200 OK { "scanner_available": true, "applicability": true, "scan_status": 1, "items": [ { "scanner_available": true, "component_id": "596c488dd640ebe772259ecb88b703db768b1aa53cc12396044bf798d526cc92", "cve_id": "CVE-2020-1747", "scan_status": 1, "applicability": true, "scanner_explanation": "<p>The scanner checks whether any of the following vulnerable functions are called:</p>\n<ul>\n<li><code>yaml.full_load()</code></li>\n<li><code>yaml.load()</code> only unsafe calls (without specifying <code>SafeLoader</code> as the <code>Loader</code>class).</li>\n</ul>", "details": [ { "file_path": "/applicable/main.py", "details": "Evidence: yaml.full_load(f), Line Number: 4, Issue Found: The vulnerable function yaml.full_load/load is called" }, { "file_path": "/applicable/main2.py", "details": "Evidence: yaml.load(f, Loader=yaml.FullLoader), Line Number: 4, Issue Found: The vulnerable function yaml.full_load/load is called" } ], "source_comp_id": "pypi://PyYAML:5.2", "info": "The vulnerable function yaml.full_load/load is called" } ] }
Example error response:
400 Bad request { "error": "Badly formatted request" }