Skip to main content

Security Vulnerability Override API

API to obtain the status (Security Vulnerability Override) of security vulnerabilities in the system, when one has been applied at a point in time.

Available endpoints

Get security vulnerability overrides

This endpoint returns existing security vulnerability overrides, for applications and repositories the calling user has access to.

GET /api/v2/securityOverrides[?filter=filterValue]

Using the available filters is strongly recommended in order to reduce the response time and returned data of the API; however, these are optional and all the information can be queried if necesssary without using them.

The API supports the following filters:

  • purl: The component identifier in purl format (pkg:format/GroupCoord/ArtifactCoord@VersionCoord)

  • refId: The reference id of the security vulnerability (sonatype-2019-0115)

  • ownerId: The id of the owner of the security vulnerability

Using curl as an example on a typical local installation, you can use the following command to communicate with this endpoint (the following example uses filtering by ownerId)

curl -u admin:admin123 -X GET 'http://localhost:8070/api/v2/securityOverrides?ownerId=bef62081db3140b49274bb807bbbc60e'

Response Data

Here is the example of a response for a call to the endpoint described above

{
   "securityOverrides":[
      {
         "securityOverrideId":"b318b2555bac47089d00bdad1eb11a4c",
         "hash":"894ebaea50d38ef8776d",
         "referenceId":"CVE-2020-11023",
         "status":"Not Applicable",
         "comment":"This security vulnerability is not currently applicable",
         "owner":{
            "ownerPublicId":"nemesis",
            "ownerId":"bef62081db3140b49274bb807bbbc60e",
            "ownerName":"Nemesis",
            "ownerType":"APPLICATION"
         },
         "currentlyAffectedComponents":[
            {
               "packageUrl":"pkg:a-name/jQuery@1.6.4",
               "hash":"894ebaea50d38ef8776d",
               "componentIdentifier":{
                  "format":"a-name",
                  "coordinates":{
                     "name":"jQuery",
                     "qualifier":"",
                     "version":"1.6.4"
                  }
               },
               "proprietary":false,
               "thirdParty":false
            }
         ]
      }
   ]
}