Description: Search for a component by the CVEs it contains directly
Security: Requires a valid user with "Admin" permissions. For Xray 3.8 and above, this only requires a valid user with the "Manage Reports'' role.
Usage: POST api/v1/component/searchByCves
Consumes: application/json
Produces: application/json
Request body:
Name | Type | Required/Optional | Description |
---|---|---|---|
| array | required | An array of CVEs to search for |
Response body:
Name | Type | Description |
---|---|---|
| string | The CVE identifier |
| array | An array of components containing the specified CVEs |
Component Object:
Name | Type | Description |
---|---|---|
| string | The name of the component |
| string | The package type of the component |
| string | The version of the component |
| string | The link to the component details in Xray |
Example Usage: POST api/v1/component/searchByCves
Request Body
[ { "checksum": "1e4aa36346ceb27a30ea0fb2a531b35fb74e4fe7cf5231ee94a58736518d5685", "binary_manager_id": "default", "repo": "xray-demo-docker-local", "path": "/ics/latest/manifest.json", "package_name": "docker://ics", "version": "latest" }, { "checksum": "1e4aa36346ceb27a30ea0fb2a531b35fb74e4fe7cf5231ee94a58736518d5685", "binary_manager_id": "default", "repo": "xray-demo-docker-local", "path": "/ics/latest/manifest.json", "package_name": "docker://ics/latest", "version": "latest" }, { "checksum": "1e4aa36346ceb27a30ea0fb2a531b35fb74e4fe7cf5231ee94a58736518d5685", "binary_manager_id": "default", "repo": "xray-demo-docker-local", "path": "/ics/latest/manifest.json", "package_name": "docker://ics1", "version": "latest" } ]
Sample Response
[ { "cve_details": "CVE-2017-15708", "components": [ { "name": "commons-collections:commons-collections", "package_type": "Maven", "version": "3.2.1", "link": "http://10.1.16.130:8000/web/#/component/details/gav:~2F~2Fcommons-collections:commons-collections/3.2.1" } ] }, { "cve_details": "CVE-2017-15709", "components": [] } ]
Response Codes
Response Code | Description |
---|---|
200 | Valid response |
415 | Failed to parse request |
400 | Got invalid CVE |
600 | Failed to search components by CVEs |