Description: Returns ignored violations by filters.
Ignore filters include:
Objective filters: vulnerabilities, licenses, cves
Scope filters: policies, watches
Source filters: components, docker-layers, artifacts, builds, release-bundles
Applicable Environment: JFrog SaaS, Self-Hosted
Since: 3.11
Security: Requires a valid user with the "Manage Watches" permission
Usage: POST /xray/api/v1/violations/ignored
Consumes: application/JSON
Produces: application/JSON
Path Parameters: None
Query Parameters:
| Name | Type | Required/Optional | Description |
|---|---|---|---|
| | integer | Optional | Offset for pagination |
| | integer | Optional | Limit for pagination |
| | string | Optional | Field to order the results. Possible values: |
Request Body:
| Name | Type | Required/Optional | Description |
|---|---|---|---|
| vulnerabilities | array[string] | Optional | List of vulnerability IDs (XRAY-nnnnn) to filter ignored violations by |
| | array[string] | Optional | List of licenses to filter ignored violations by |
| | array[string] | Optional | List of CVEs to filter ignored violations by |
| | array[string] | Optional | List of operational risk packages to filter ignored violations by |
| | array[string] | Optional | List of secrets, configuration-related security issues, and open source library usage issues to filter ignored violations by |
| | array[string] | Optional | List of packages to filter ignored violations by |
| | array[string] | Optional | List of policies to filter ignored violations by |
| | array[string] | Optional | List of watches to filter ignored violations by |
| | array[string] | Optional | List of projects to filter ignored violations by |
| | array[string] | Optional | List of git repositories to filter ignored violations by |
| | array[ComponentObj] | Optional | List of components to filter ignored violations by |
| | array[string] | Optional | List of Docker layers to filter ignored violations by |
| | array[string] | Optional | List of packages to filter ignored violations by |
| artifacts | array[ArtifactObj] | Optional | List of artifacts to filter ignored violations by |
| | array[BuildObj] | Optional | List of builds to filter ignored violations by |
| | array[ReleaseBundleObj] | Optional | List of release bundles to filter ignored violations by |
| | array[ReleaseBundleObj] | Optional | List of release bundles v2 to filter ignored violations by |
ComponentObj:
| Name | Type | Required/Optional | Description |
|---|---|---|---|
| | string | Required | Name of the component |
| | string | Required | Version of the component |
ArtifactObj:
| Name | Type | Required/Optional | Description |
|---|---|---|---|
| name | string | Required | Name of the artifact |
| | string | Required | Version of the artifact |
| | string | Required | Path of the artifact |
BuildObj:
| Name | Type | Required/Optional | Description |
|---|---|---|---|
| | string | Required | Name of the build |
| | string | Required | Version of the build |
ReleaseBundleObj:
| Name | Type | Required/Optional | Description |
|---|---|---|---|
| | string | Required | Name of the release bundle |
| | string | Required | Version of the release bundle |
Response Body:
| Name | Type | Description |
|---|---|---|
| data | array[ViolationObj] | List of ignored violations |
| total_count | integer | Total count of ignored violations |
ViolationObj:
| Name | Type | Description |
|---|---|---|
| violation_id | string | Unique identifier for the violation |
| issue_id | string | Xray ID for the issue |
| type | string | Type of violation (e.g., Security, License, Operational_Risk) |
| created | string | Date and time when the violation was created, in RFC 3339 timestamp format (YYYY-MM-DDTHH:MM:SSZ) |
| watch_name | string | Name of the watch associated with the violation |
| provider | string | Provider of the service or software where the violation occurred |
| description | string | Description of the violation |
| severity | string | Severity level of the violation (e.g., Critical, High, Medium) |
| properties | array[PropertyObj] | List of properties related to the violation |
| impacted_artifact | ImpactedArtifactObj | Information about the artifact impacted by the violation |
| matched_policies | array[PoliciesMatchObj] | List of policies matched by the violation |
| ignore_rule_details | IgnoreRuleDetailsObj | Details about the rule that ignores the violation |
| applicability | null or array[ApplicabilityObj] | Details about the applicability of the violation |
| applicability_details | array[ApplicabilityDetailsObj] | Applicability details |
PropertyObj:
| Name | Type | Description |
|---|---|---|
| Cve | string | The Common Vulnerabilities and Exposures ID |
| Cwe | array[string] | An array of Common Weakness Enumeration IDs |
| CweDetails | CweDetailsObj | Details about the CWEs associated with the vulnerability |
| CvssV2 | string | The CVSS version 2 score and vector string |
| CvssV3 | string | The CVSS version 3 score and vector string |
CweDetailsObj:
| Name | Type | Description |
|---|---|---|
| CWE-nnn | CweInfoObj | The object name is the CWE ID (e.g., CWE-280); details about that CWE, if available |
CweInfoObj:
| Name | Type | Description |
|---|---|---|
| Name | string | The name of the CWE category |
| Description | string | Description of the CWE category |
| Categories | array[CategoryObj] | Categories associated with the CWE category |
CategoryObj:
| Name | Type | Description |
|---|---|---|
| Category | string | Category of the CWE |
| Rank | string | Rank of the CWE within the category |
ImpactedArtifactObj:
| Name | Type | Description |
|---|---|---|
| name | string | Name of the artifact impacted by the violation |
| version | string | Version of the artifact impacted by the violation |
| path | string | Path or location of the impacted artifact |
PoliciesMatchObj:
| Name | Type | Description |
|---|---|---|
| policy | string | Name of the policy |
| rule | string | Rule within the policy that was matched |
| is_blocking | boolean | Indicates if the policy is blocking |
| blocking_mask | integer | Blocking mask value |
IgnoreRuleDetailsObj:
| Name | Type | Description |
|---|---|---|
| id | string | Identifier of the ignore rule |
| author | string | Author of the ignore rule |
| created | string | Date and time when the ignore rule was created, in RFC 3339 timestamp format (YYYY-MM-DDTHH:MM:SSZ) |
| notes | string | Additional notes or comments regarding the ignore rule |
| is_expired | boolean | Indicates if the ignore rule is expired |
| expires_at | string | Date and time when the ignore rule expires (if applicable), in RFC 3339 timestamp format (YYYY-MM-DDTHH:MM:SSZ) |
| project_key | string | The project_key of the project associated with the ignore rule |
| deleted_by | string | User who deleted the ignore rule |
| deleted_at | string | Timestamp of the ignore rule deletion |
ApplicabilityObj:
| Name | Type | Description |
|---|---|---|
| scanner_available | boolean | Indicates if the scanner is available for checking the applicability of the vulnerability |
| component_id | string | Identifier of the component |
| source_comp_id | string | Identifier of the source component |
| cve_id | string | Common Vulnerabilities and Exposures identifier |
| scan_status | integer | Status of the scan for applicability |
| applicability | boolean | Indicates if the vulnerability is applicable |
| scanner_explanation | string | Explanation provided by the scanner for applicability |
| evidence | array[EvidenceObj] | Evidence related to the applicability of the vulnerability |
| info | string | Additional information about the applicability |
| details | array[DetailsObj] | Additional details about the applicability |
EvidenceObj:
| Name | Type | Description |
|---|---|---|
| column_names | array[string] | Names of the columns in the evidence |
| rows | array[array[string]] | Rows of evidence |
DetailsObj:
| Name | Type | Description |
|---|---|---|
| file_path | string | Path to the file |
| details | string | Additional details about the applicability |
ApplicabilityDetailsObj:
| Name | Type | Description |
|---|---|---|
| component_id | string | Component ID of the artifact |
| source_comp_id | string | Component ID of the vulnerable package |
| vulnerability_id | string | CVE ID |
| result | Contextual Analysis result enum | Contextual Analysis result (values seen in the examples below: applicable, not_applicable, not_covered) |
Response Codes:
| Status Code | Description |
|---|---|
| 200 | OK |
| 400 | Parsing/validation error |
| 401 | Unauthorized |
| 403 | Forbidden |
| 500 | Failed to get ignored violations |
Request Example:
```json
{ "vulnerabilities": [ "XRAY-521512" ], "artifacts": [ { "name": "docker://redis" } ] }
```
Response Example:
```json
{ "data": [ { "violation_id": "1323291645094375424", "issue_id": "AGPL-3.0", "type": "License", "created": "2020-11-02T17:51:28+02:00", "watch_name": "w", "description": "GNU AFFERO GENERAL PUBLIC LICENSE v3", "severity": "High", "impacted_artifact": { "name": "generic://sha256:4c5fa3a86e3b1d07979ff011af3b58481e519faa6ee27eb23622a6fe00d89935/jfrog-artifactory-pro-6.0.0.zip", "path": "example-repo-local/jfrog-artifactory-pro-6.0.0.zip" }, "matched_policies": [ { "policy": "pl", "rule": "l", "is_blocking": false } ], "ignore_rule_details": { "id": "a11b59c0-a94e-4d99-4135-74dda0e0c354", "author": "admin", "created": "2020-11-02T17:53:41+02:00", "notes": "license", "expires_at": "2020-12-29T00:00:00Z", "deleted_by": "admin", "deleted_at": "2020-12-28T00:00:00Z" } }, { "violation_id": "1323291688811606016", "issue_id": "XRAY-100646", "type": "Security", "created": "2020-11-02T17:51:38+02:00", "watch_name": "w", "provider": "JFrog", "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).", "severity": "Medium", "properties": [ { "Cve": "CVE-2020-14062", "Cwe": [ "CWE-502" ], "CvssV2": "6.8/CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P", "CvssV3": "8.1/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "impacted_artifact": { "name": "generic://sha256:4c5fa3a86e3b1d07979ff011af3b58481e519faa6ee27eb23622a6fe00d89935/jfrog-artifactory-pro-6.0.0.zip", "path": "example-repo-local/jfrog-artifactory-pro-6.0.0.zip" }, "matched_policies": [ { "policy": "ps", "rule": "s", "is_blocking": false } ], "ignore_rule_details": { "id": "d33d30d1-a775-41f2-6e0d-c2955d496ab1", "author": "admin", "created": "2020-11-02T17:53:57+02:00", "notes": "sec1" } } ], "total_count": 2 }
```
Contextual Analysis Result Response Example:
```json
{ "data": [ { "violation_id": "1764742097225699328", "issue_id": "XRAY-202749", "type": "Security", "created": "2024-03-04T19:57:57Z", "watch_name": "watch-name", "provider": "JFrog", "description": "spring-boot versions prior to version v2.2.11.RELEASE was vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method. NOTE: This vulnerability only affects products and/or versions that are no longer supported by the maintainer", "severity": "High", "properties": [ { "Cve": "CVE-2022-27772", "Cwe": [ "CWE-377", "CWE-379", "CWE-668" ], "CweDetails": { "CWE-377": { "Name": "Insecure Temporary File", "Description": "Creating and using insecure temporary files can leave application and system data vulnerable to attack.", "Categories": null }, "CWE-379": { "Name": "Creation of Temporary File in Directory with Insecure Permissions", "Description": "The product creates a temporary file in a directory whose permissions allow unintended actors to determine the file's existence or otherwise access that file.", "Categories": null }, "CWE-668": { "Name": "Exposure of Resource to Wrong Sphere", "Description": "The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.", "Categories": null } }, "CvssV2": "4.6/CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P", "CvssV3": "7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "impacted_artifact": { "name": "gav://com.in28minutes.springboot:student-services-security", "version": "0.0.1-SNAPSHOT", "path": "maven-local/student-services-security-0.0.1-20230711.143048-1_8db924.jar" }, "matched_policies": [ { "policy": "policy-name", "rule": "rule-name", "is_blocking": false, "blocking_mask": 0 } ], "ignore_rule_details": { "id": "b03fd7b9-ea42-41b5-62e4-cdbc4b1c067f", "author": "admin", "created": "2024-03-04T19:57:40.349Z", "notes": "Ignore notes", "is_expired": false }, "applicability": [ { "scanner_available": true, "component_id": "gav://com.in28minutes.springboot:student-services-security:0.0.1-SNAPSHOT", "source_comp_id": "gav://org.springframework.boot:spring-boot:2.2.6.RELEASE", "cve_id": "CVE-2022-27772", "scan_status": 1, "applicability": true, "scanner_explanation": "<p>The scanner checks whether the vulnerable inner function <code>AbstractConfigurableWebServerFactory.createTempDir()</code> is called, <br />\nby checking whether any of the following external functions are called:</p>\n<ul>\n<li><code>JettyServletWebServerFactory.getWebServer()</code></li>\n<li><code>TomcatServletWebServerFactory.getWebServer()</code></li>\n<li><code>UndertowServletWebServerFactory.getWebServer()</code></li>\n<li><code>TomcatReactiveWebServerFactory.getWebServer()</code></li>\n</ul>\n<p>It additionally checks whether the <code>@SpringBootApplication</code> or <code>@EnableAutoConfiguration</code> annotations are used, since Spring-Boot-based web servers also lead to the vulnerable inner function.</p>", "evidence": [ { "column_names": [ "Path", "Location", "Issue Found" ], "rows": [ [ "/BOOT-INF/classes/com/in28minutes/springboot/StudentServicesApplication.class", "StudentServicesApplication", "The vulnerable @SpringBootApplication class annotation is used" ] ] } ], "info": "The vulnerable @SpringBootApplication class annotation is used", "details": [ { "file_path": "/BOOT-INF/classes/com/in28minutes/springboot/StudentServicesApplication.class", "details": "Location: StudentServicesApplication, Issue Found: The vulnerable @SpringBootApplication class annotation is used" } ] } ], "applicability_details": [ { "component_id": "gav://com.in28minutes.springboot:student-services-security:0.0.1-SNAPSHOT", "source_comp_id": "gav://org.springframework.boot:spring-boot:2.2.6.RELEASE", "vulnerability_id": "CVE-2022-27772", "result": "applicable" } ] }, { "violation_id": "1764742097427025920", "issue_id": "XRAY-98355", "type": "Security", "created": "2024-03-04T19:57:58Z", "watch_name": "watch-name", "provider": "JFrog", "description": "Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has been encrypted using such an encryptor may be able to derive the unencrypted values using a dictionary attack.", "severity": "Medium", "properties": [ { "Cve": "CVE-2020-5408", "Cwe": [ "CWE-329", "CWE-330" ], "CweDetails": { "CWE-329": { "Name": "Generation of Predictable IV with CBC Mode", "Description": "The product generates and uses a predictable initialization Vector (IV) with Cipher Block Chaining (CBC) Mode, which causes algorithms to be susceptible to dictionary attacks when they are encrypted under the same key.", "Categories": null }, "CWE-330": { "Name": "Use of Insufficiently Random Values", "Description": "The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.", "Categories": null } }, "CvssV2": "4.0/CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:N/A:N", "CvssV3": "6.5/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "impacted_artifact": { "name": "gav://com.in28minutes.springboot:student-services-security", "version": "0.0.1-SNAPSHOT", "path": "maven-local/student-services-security-0.0.1-20230711.143048-1_8db924.jar" }, "matched_policies": [ { "policy": "policy-name", "rule": "rule-name", "is_blocking": false, "blocking_mask": 0 } ], "ignore_rule_details": { "id": "b03fd7b9-ea42-41b5-62e4-cdbc4b1c067f", "author": "admin", "created": "2024-03-04T19:57:40.349Z", "notes": "Ignore notes", "is_expired": false }, "applicability": null, "applicability_details": [ { "component_id": "gav://com.in28minutes.springboot:student-services-security:0.0.1-SNAPSHOT", "source_comp_id": "", "vulnerability_id": "CVE-2020-5408", "result": "not_covered" } ] }, { "violation_id": "1764742097791930368", "issue_id": "XRAY-125778", "type": "Security", "created": "2024-03-04T19:57:58Z", "watch_name": "watch-name", "provider": "JFrog", "description": "Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required. NOTE: the vendor's position is that untrusted data is not an intended use case. The product's behavior will not be changed because some users rely on deserialization of trusted data.", "severity": "Critical", "properties": [ { "Cve": "CVE-2016-1000027", "Cwe": [ "CWE-502" ], "CweDetails": { "CWE-502": { "Name": "Deserialization of Untrusted Data", "Description": "The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.", "Categories": [ { "Category": "2023 CWE Top 25", "Rank": "15" } ] } }, "CvssV2": "7.5/CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P", "CvssV3": "9.8/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "impacted_artifact": { "name": "gav://com.in28minutes.springboot:student-services-security", "version": "0.0.1-SNAPSHOT", "path": "maven-local/student-services-security-0.0.1-20230711.143048-1_8db924.jar" }, "matched_policies": [ { "policy": "policy-name", "rule": "rule-name", "is_blocking": false, "blocking_mask": 0 } ], "ignore_rule_details": { "id": "b03fd7b9-ea42-41b5-62e4-cdbc4b1c067f", "author": "admin", "created": "2024-03-04T19:57:40.349Z", "notes": "Ignore notes", "is_expired": false }, "applicability": [ { "scanner_available": true, "component_id": "gav://com.in28minutes.springboot:student-services-security:0.0.1-SNAPSHOT", "source_comp_id": "gav://org.springframework:spring-web:5.2.5.RELEASE", "cve_id": "CVE-2016-1000027", "scan_status": 1, "applicability": false, "scanner_explanation": "<p>The scanner checks whether the vulnerable class <code>(Simple)HttpInvokerServiceExporter</code> is instantiated.</p>", "evidence": null, "info": "The vulnerable class (Simple)HttpInvokerServiceExporter is never instantiated", "details": null } ], "applicability_details": [ { "component_id": "gav://com.in28minutes.springboot:student-services-security:0.0.1-SNAPSHOT", "source_comp_id": "gav://org.springframework:spring-web:5.2.5.RELEASE", "vulnerability_id": "CVE-2016-1000027", "result": "not_applicable" } ] } ], "total_count": 3 }
```
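The following is an added example, not JFrog's own client code, showing how a consumer of this endpoint would build the filter body from the request example above, page through the results, and then review the returned ignore rules the way a security team would: flagging ignore rules that have expired or been deleted, and violations that contextual analysis still reports as `applicable` even though they are ignored. Field names come from the response examples on this page; the query parameter names `offset` and `limit`, the `fetch_page` callback that stands in for the HTTP call, and the condensed sample violations are assumptions constructed for the example.

```python
"""Pagination and a defender-side review of ignored violations returned by
POST /xray/api/v1/violations/ignored.

Added example, not JFrog's own client code. Field names (violation_id,
ignore_rule_details, expires_at, deleted_at, applicability_details, result)
come from the response examples on this page. Assumptions: the pagination
query parameters are named "offset" and "limit", and SAMPLE_VIOLATIONS is a
constructed, condensed subset of the page's examples.
"""
from datetime import datetime, timezone
from typing import Callable, Iterator

# Fixed "now" so the audit result is reproducible (constructed value).
NOW = datetime(2024, 3, 5, tzinfo=timezone.utc)


def build_request_body(vulnerabilities=None, artifacts=None):
    """Filter body for the endpoint, using only the keys shown in the page's
    request example ("vulnerabilities", "artifacts"); empty filters are omitted."""
    body = {}
    if vulnerabilities:
        body["vulnerabilities"] = list(vulnerabilities)
    if artifacts:
        body["artifacts"] = [{"name": name} for name in artifacts]
    return body


def iter_ignored_violations(fetch_page: Callable[[dict, int, int], dict],
                            body: dict, limit: int = 100) -> Iterator[dict]:
    """Yield every violation across pages. fetch_page(body, offset, limit) performs
    the POST (sending ?offset=&limit=, assumed parameter names) and returns the JSON."""
    offset = 0
    while True:
        page = fetch_page(body, offset, limit)
        data = page.get("data") or []
        yield from data
        offset += len(data)
        if not data or offset >= page.get("total_count", 0):
            break


def _parse_rfc3339(value: str) -> datetime:
    # The examples use both "Z" and "+02:00" offsets; map "Z" for older Pythons.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def audit_ignored_violations(violations, now: datetime = NOW):
    """Return (violation_id, reason) pairs a reviewer should re-check: ignore rules
    that are expired or deleted, and ignored violations still marked applicable."""
    findings = []
    for v in violations:
        vid = v.get("violation_id")
        rule = v.get("ignore_rule_details") or {}
        if rule.get("is_expired"):
            findings.append((vid, "ignore rule is flagged is_expired"))
        expires_at = rule.get("expires_at")
        if expires_at and _parse_rfc3339(expires_at) <= now:
            findings.append((vid, f"ignore rule expired at {expires_at}"))
        if rule.get("deleted_at"):
            findings.append((vid, f"ignore rule deleted by {rule.get('deleted_by')} at {rule['deleted_at']}"))
        for detail in v.get("applicability_details") or []:
            if detail.get("result") == "applicable":
                findings.append((vid, f"{detail.get('vulnerability_id')} is applicable per contextual analysis"))
    return findings


# Constructed sample: condensed from the page's two response examples.
SAMPLE_VIOLATIONS = [
    {"violation_id": "1323291645094375424", "issue_id": "AGPL-3.0", "type": "License", "severity": "High",
     "ignore_rule_details": {"id": "a11b59c0-a94e-4d99-4135-74dda0e0c354", "author": "admin", "notes": "license",
                             "expires_at": "2020-12-29T00:00:00Z", "deleted_by": "admin",
                             "deleted_at": "2020-12-28T00:00:00Z"}},
    {"violation_id": "1764742097225699328", "issue_id": "XRAY-202749", "type": "Security", "severity": "High",
     "ignore_rule_details": {"id": "b03fd7b9-ea42-41b5-62e4-cdbc4b1c067f", "author": "admin", "is_expired": False},
     "applicability_details": [{"vulnerability_id": "CVE-2022-27772", "result": "applicable"}]},
    {"violation_id": "1764742097791930368", "issue_id": "XRAY-125778", "type": "Security", "severity": "Critical",
     "ignore_rule_details": {"id": "b03fd7b9-ea42-41b5-62e4-cdbc4b1c067f", "author": "admin", "is_expired": False},
     "applicability_details": [{"vulnerability_id": "CVE-2016-1000027", "result": "not_applicable"}]},
]


def fake_fetch_page(body, offset, limit):
    """Stand-in for the HTTP call; serves SAMPLE_VIOLATIONS one page at a time."""
    return {"data": SAMPLE_VIOLATIONS[offset:offset + limit], "total_count": len(SAMPLE_VIOLATIONS)}


def demo():
    """Page through the sample with limit=2 and audit everything that came back."""
    body = build_request_body(vulnerabilities=["XRAY-521512"], artifacts=["docker://redis"])
    violations = list(iter_ignored_violations(fake_fetch_page, body, limit=2))
    return [v["violation_id"] for v in violations], audit_ignored_violations(violations)


if __name__ == "__main__":
    for vid, reason in demo()[1]:
        print(vid, reason)
```

To run it against a live instance, replace `fake_fetch_page` with a function that POSTs the body to `/xray/api/v1/violations/ignored` with the caller's credentials and returns the decoded response; the audit logic is unchanged. Note that an `applicability_details` result of `not_covered` (as in the second violation of the contextual-analysis example) means the scanner gave no verdict, so it is deliberately not treated as evidence either way.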