Powered by Redocly

vulnerability

Get suppressed vulnerabilities

Get suppressed vulnerabilities based on componentId/vulnerabilityName or both, either of them is mandatory.Only the system administrator has the permission to do this operation.

Request
query Parameters
componentId
integer <int64>

ID of the Component

Example: componentId=E.g. 1
vulnerabilityName
string

Name of the vulnerability

limit
integer <int32>
Default: 25

Page Size. Number Of Records to fetch per page

Example: limit=E.g. 1 | default: 25
offset
integer <int32>
Default: 1

Page Number. Index of the page to start with(starts from 1)

Example: offset=E.g. 1 | default: 1
header Parameters
authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

500

Internal Server Error

get/vulnerability/suppress
Response samples
application/json
{
  • "itemNumber": 0,
  • "suppressId": 0,
  • "suppressionScope": "string",
  • "vulnerabilityId": 0,
  • "vulnerabilityName": "string",
  • "componentId": 0,
  • "componentName": "string",
  • "suppressedBy": "string",
  • "suppressedDate": "string",
  • "suppressionDetails": [
    ],
  • "componentVersionIds": [
    ]
}

Suppress vulnerability

Suppress vulnerability for component version(s). System administrator only has permission for global suppression, while Developer/Security contact have permission for project-specific suppression. Note: For GLOBAL level suppression, providing suppression details is not necessary. These details are only required for PROJECT level suppression and will be ignored if provided in the GLOBAL scope.

  • The default value for the Suppression Scope will be considered GLOBAL if left empty.
Request
header Parameters
authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Request Body schema: application/json
required

Input model to suppress vulnerability for component versions.

componentId
required
integer <int64> >= 1

componentId

versionIds
Array of integers <int64> unique

versionIds

vulnerabilityName
required
string

vulnerabilityName

reason
required
string

reason

remarks
required
string [ 0 .. 255 ] characters

remarks

versionScope
required
stringSPECIFIC_VERSIONS|ALL_CURRENT_VERSIONS

versionScope

suppressionScope
required
stringGLOBAL|PROJECT

suppressionScope

object (SuppressionDetails)
Responses
200

OK

400

Bad Request

401

Unauthorized

500

Internal Server Error

post/vulnerability/suppress
Request samples
application/json
{
  • "componentId": "1",
  • "versionIds": [
    ],
  • "vulnerabilityName": "Vulnerability Name",
  • "reason": "FALSE_POSITIVE|REMEDIATED|OTHER",
  • "remarks": "Remarks to Suppress Vulnerability",
  • "versionScope": "SPECIFIC_VERSIONS|ALL_CURRENT_VERSIONS",
  • "suppressionScope": "GLOBAL|PROJECT",
  • "suppressionDetails": {
    }
}
Response samples
application/json
{
  • "componentId": "1",
  • "versionIds": [
    ],
  • "vulnerabilityName": "Vulnerability Name",
  • "reason": "FALSE_POSITIVE|REMEDIATED|OTHER",
  • "remarks": "Remarks to Suppress Vulnerability",
  • "versionScope": "SPECIFIC_VERSIONS|ALL_CURRENT_VERSIONS",
  • "suppressionScope": "GLOBAL|PROJECT",
  • "suppressionDetails": {
    }
}

Get vulnerability suppress details

Get vulnerability suppress details. Provide suppressId/versionId or both as inputs, either of them is mandatory.Only the system administrator has the permission to do this operation.

Request
query Parameters
suppressId
integer <int64>

ID of suppression

Example: suppressId=E.g. 1
componentVersionId
integer <int64>

Id of component version

Example: componentVersionId=E.g. 1
limit
integer <int32>
Default: 25

Page Size. Number Of Records to fetch per page

Example: limit=E.g. 1 | default: 25
offset
integer <int32>
Default: 1

Page Number. Index of the page to start with(starts from 1)

Example: offset=E.g. 1 | default: 1
header Parameters
authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Responses
200

OK

400

Bad Request

401

Unauthorized

500

Internal Server Error

get/vulnerability/suppress/details
Response samples
application/json
{
  • "suppressId": 0,
  • "vulnerabilityName": "string",
  • "componentName": "string",
  • "versionId": 0,
  • "versionName": "string",
  • "suppressedReason": "string",
  • "suppressedRemarks": "string",
  • "suppressedBy": "string",
  • "suppressedDate": "string"
}

UnSuppress vulnerability

UnSuppress a vulnerability for given component versions. System administrator only has permission for Global un-suppression, while Developer/Security contact have permission for Project-specific un-suppression. Note: If a project ID is provided, the un-suppression occurs at the PROJECT level, otherwise, it happens at the GLOBAL level.

Request
header Parameters
authorization
required
string
Default:

Bearer JWT Token

Example: E.g. Bearer JWT_TOKEN
Request Body schema: application/json
required

Input model to unSuppress vulnerability

vulnerabilityName
required
string

vulnerabilityName

componentId
required
integer <int64> >= 1

componentId

versionIds
Array of integers <int64> unique

versionIds

remarks
required
string [ 0 .. 255 ] characters

remarks

projectId
integer <int32> >= 1

projectId

Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

post/vulnerability/unSuppress
Request samples
application/json
{
  • "vulnerabilityName": "Vulnerability Name",
  • "componentId": "1",
  • "versionIds": [
    ],
  • "remarks": "Remarks to Unsuppress Vulnerability",
  • "projectId": "1"
}