CVE Vulnerabilities Occurrences
Overview
Get the packages and impacted external objects for a Common Vulnerabilities and Exposures (CVE) reference. The service returns the list of impacted packages, and for each package the list of external objects. These insights come from the com.castsoftware.highlight2mri scanner.
URI
GET /rest/applications/{name}/insights/cve/{id}/occurrences
Path parameters
name (string)
This parameter identifies the analyzed application. The application name must be properly encoded where required. The back-quote character is not allowed.
id (string)
The CVE reference.
Query parameters
limit (integer)
Required. The maximum number of packages to return.
skip (integer)
Optional. The number of packages to skip before including packages in the search limit.
Responses
application/json
The response is the list of CVE packages. Example:
[
  {
    "name": "org.drools:drools-core",
    "releaseDate": {
      "dateTime": "2024-04-22T08:41:34Z"
    },
    "releasesPerYear": 9,
    "saferClosestVersion": "7.39.0.CR1",
    "safestVersion": "7.39.0.CR1",
    "version": "7.32.0.Final",
    "objects": [
      {
        "id": "18097",
        "name": "StringUtils",
        "fullName": "org.drools.core.util.StringUtils",
        "mangling": "",
        "type": "Java Class",
        "typeId": "JV_CLASS"
      },
      {
        "id": "4846",
        "name": "isEmpty",
        "fullName": "org.drools.core.util.StringUtils.isEmpty",
        "mangling": "isEmpty(java.lang.CharSequence) return boolean",
        "type": "Java Method",
        "typeId": "JV_METHOD"
      }
    ]
  }
]
JSON representation
Property | Type | Description |
---|---|---|
name | string | The package name. Note: A Maven package name is the concatenation of artifact ID with package ID. |
version | string | The used package version. |
releaseDate.dateTime | string | Release date of the package. |
releasesPerYear | integer | Average number of package releases per year. |
saferClosestVersion | string | The closest safer package version, minimizing breaking code changes. |
safestVersion | string | The safest package version. |
objects | array | The list of external objects of this package that are referenced from the application. |
objects[].id | string | The external object ID. |
objects[].name | string | The external object name. |
objects[].fullName | string | The external object long name, which usually locates the object in the software architecture. |
objects[].mangling | string | The external function signature or an empty string if not applicable. |
objects[].type | string | The external object type, for display. |
objects[].typeId | string | The external object type identifier, which is the type reference key. |
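
The following is an added example, not code from the product or its documentation: a client that pages through this endpoint with limit and skip and reduces the response to one remediation row per package (version in use, suggested version, referenced objects). The host `https://console.example`, the application name, the CVE placeholder `CVE-0000-0000`, the sample data and the "short page ends the listing" rule are assumptions.

```python
import json
from urllib.parse import parse_qs, quote, urlencode, urlsplit
from urllib.request import urlopen

def occurrences_url(base, app, cve_id, limit, skip=0):
    """Build the GET URL; both path parameters are percent-encoded."""
    if "`" in app:
        raise ValueError("back-quote is not allowed in the application name")
    path = "/rest/applications/%s/insights/cve/%s/occurrences" % (
        quote(app, safe=""), quote(cve_id, safe=""))
    return base.rstrip("/") + path + "?" + urlencode({"limit": limit, "skip": skip})

def http_get_json(url):
    """Plain GET; authentication is deployment-specific and not shown."""
    with urlopen(url) as resp:
        return json.load(resp)

def iter_packages(base, app, cve_id, page_size=50, fetch=http_get_json):
    """Yield every impacted package; a page shorter than limit is assumed last."""
    skip = 0
    while True:
        page = fetch(occurrences_url(base, app, cve_id, page_size, skip))
        yield from page
        if len(page) < page_size:
            return
        skip += page_size

def upgrade_report(packages):
    """Per package: version in use, suggested version, referenced objects."""
    return [{
        "package": p["name"],
        "version": p["version"],
        "upgrade_to": p.get("saferClosestVersion") or p.get("safestVersion"),
        "objects": [o["fullName"] + (" " + o["mangling"] if o.get("mangling") else "")
                    for o in p.get("objects", [])],
    } for p in packages]

# Constructed sample data and a stub standing in for the server (offline run).
SAMPLE = [{"name": "pkg-%d" % i, "version": "1.0", "saferClosestVersion": "1.1",
           "safestVersion": "2.0", "objects": [
               {"fullName": "a.B.c", "mangling": "c() return void"}]} for i in range(3)]

def stub_fetch(url):
    q = {k: int(v[0]) for k, v in parse_qs(urlsplit(url).query).items()}
    return SAMPLE[q["skip"]:q["skip"] + q["limit"]]

if __name__ == "__main__":
    pkgs = iter_packages("https://console.example", "My App", "CVE-0000-0000", 2, stub_fetch)
    print(json.dumps(upgrade_report(pkgs), indent=2))
```

Replace `stub_fetch` with the default `http_get_json` (plus whatever authentication the deployment requires) to run it against a real server.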