Description: Retrieves Contextual Analysis data for vulnerability
Since: 3.91.x
Notes: In Get Contextual Analysis per Vulnerability v2 REST API the “applicability” boolean was replaced with the “result” string. Possible values: not_scanned
, applicable
, not_applicable
, undetermined
, rescan_required
, upgrade_required
, not_covered
Currently, you can retrieve the evidence details only with the Get Contextual Analysis per Vulnerability V1
Security: Requires a valid user with the "Read" permissions
Usage: GET /xray/api/v2/cve_applicability
Produces: application/json
Query parameters:
Name | Type | Required/Optional | Description |
---|---|---|---|
| string | required | Component id is the resource id (artifact/build/release-bundle). Component id is not unique, all relevant results returned. If the id is of a build or a release bundle, all artifacts which are direct children of the build/bundle will be considered. Examples:
|
| string | required | Xray id Example: |
| string | optional | Source component id is the SBOM package that the vulnerability originates from. If given, only a result matching that component will be returned. If not given, returned results will contain data for any component in the artifact. Example: pypi://PyYAML:3.10 |
| string | optional | If given, will be used to identify the specific artifact that is relevant. Otherwise, going only by component_id can result in aggregation of results from several artifacts. Only relevant for artifacts (not build/release-bundle). Example:
|
| string | optional | If given, will be used to identify the specific artifact that is relevant. Otherwise, going only by component_id can result in aggregation of results from several artifacts. Only relevant for artifacts (not build/bundle). Example:
|
Response body:
Name | Type | Description |
---|---|---|
| string | An aggregated Contextual Analysis The result is based on priority of the results of all the items(ItemObj). For example Possible values: |
| Array [ItemObj] | Array of results |
ItemObj
Name | Type | Description |
---|---|---|
| string | Component id |
| string | Source component id |
| string | CVE id (or Xray id if not existing) |
| string | Contextual Analysis result. Possible values: |
| string | Scanner explanation (html format) |
| string | Information about the scan result |
Response codes:
Status code | Description |
---|---|
200 | OK |
400 | Bad request - Required fields are missing |
403 | Permission denied |
Example request - repository:
Url: /xray/api/v2/cve_applicability?component_id=docker://xmas:policy&vulnerability_id=XRAY-95701&path=docker-local/app/latest/manifest.json
Example of successful response:
200 OK
{ "result": "applicable", "items": [ { "component_id": "docker://app:latest", "source_comp_id": "pypi://PyYAML:5.2", "vulnerability_id": "CVE-2020-1747", "result": "applicable", "scanner_explanation": "<p>The scanner checks whether any of the following vulnerable functions are called:</p>\n<ul>\n<li><code>yaml.full_load()</code></li>\n<li><code>yaml.load()</code> only unsafe calls (without specifying <code>SafeLoader</code> as the <code>Loader</code>class).</li>\n</ul>", "info": "The vulnerable function yaml.full_load/load is called" } ] }
Example request build: Url: /xray/api/v2/cve_applicability?vulnerability_id=XRAY-95701&component_id=build://docker-build:1
Example of successful response:
200 OK
{ "result": "applicable", "items": [ { "component_id": "build://docker-build:1", "source_comp_id": "pypi://PyYAML:5.2", "vulnerability_id": "CVE-2020-1747", "result": "applicable", "scanner_explanation": "<p>The scanner checks whether any of the following vulnerable functions are called:</p>\n<ul>\n<li><code>yaml.full_load()</code></li>\n<li><code>yaml.load()</code> only unsafe calls (without specifying <code>SafeLoader</code> as the <code>Loader</code>class).</li>\n</ul>", "info": "The vulnerable function yaml.full_load/load is called" } ] }
Example request release bundle: Url: /xray/api/v2/cve_applicability?vulnerability_id=XRAY-95701&component_id=releaseBundleV2://[release-bundles-v2]/docker-rbv2:4
Example of successful response:
200 OK
{ "result": "applicable", "items": [ { "component_id": "releaseBundleV2://[release-bundles-v2]/docker-rbv2:4", "source_comp_id": "pypi://PyYAML:5.2", "vulnerability_id": "CVE-2020-1747", "result": "applicable", "scanner_explanation": "<p>The scanner checks whether any of the following vulnerable functions are called:</p>\n<ul>\n<li><code>yaml.full_load()</code></li>\n<li><code>yaml.load()</code> only unsafe calls (without specifying <code>SafeLoader</code> as the <code>Loader</code>class).</li>\n</ul>", "info": "The vulnerable function yaml.full_load/load is called" } ] }
Example error response:
400 Bad request
{ "error": "Badly formatted request" }