Exposures Scanning - Get Results Details

Xray REST APIs

Products
JFrog Xray
Content Type
REST API
ft:sourceType
Paligo

Description:Returns the details of a single result.

Since: 3.59.4

Security:Requires a valid user with the "Read" permissions.

Usage: GET /api/v1/{category}/results/details?repo={repo_name}&path={path}&id={result_id}

Query parameters

  • repo -repository name

  • path -path to artifact

  • id- result identifier

Produces: application/json

Sample Request

GET /api/v1/applications/results/details?repo=the_project&path=/backend/latest/manifest.json&id=EXP-1058-00001

Sample Response

{
    "status": "to_fix",
    "jfrog_severity": "high",
    "id": "EXP-1058-00001",
    "description": "Node.js does not enforce TLS on all web communications",
    "abbreviation": "REQ.WEB.NODE-JS.TLS",
    "cwe": {
        "cwe_id": "CWE-319",
        "cwe_name": "Cleartext Transmission of Sensitive Information",
        "cwe_link": "https://cwe.mitre.org/data/definitions/319.html"
    },
    "fix_cost": "medium",
    "outcomes_details": [
        {
            "name": "Traffic interception",
            "description": "Attackers passively intercept network traffic..."
        },
        {
            "name": "Traffic manipulation",
            "description": "Attackers actively modify data sent and received..."
        }
    ],
    "findings": {
        "explanation": "<p>By default, Node.js serves content over HTTP...",
        "justification": "<p>Communicating online without applying ...",
        "mitigation": "<p>Use the <code>https</code> module to create your web server...",
        "total_findings": 1
    }
}