Queries vulnerabilities by type.
Authorization information
Request parameters
Parameter | Type | Required | Description | Example |
---|---|---|---|---|
Lang | string | No | The language of the content within the request and response. Default value: zh. Valid values:
| zh |
Remark | string | No | The remarks for the asset affected by the vulnerability. The value can be the private IP address, public IP address, or name of the asset. | 1.2.XX.XX |
GroupId | string | No | The ID of the asset group. NoteYou can call the DescribeAllGroups operation to query the IDs of asset groups. | 9207613 |
Type | string | Yes | The type of the vulnerability. Valid values:
| cve |
Uuids | string | No | The UUIDs of the servers on which you want to query the vulnerabilities. Separate multiple UUIDs with commas (,). | 1587bedb-fdb4-48c4-9330-**** |
Name | string | No | The alias of the vulnerability. | oval:com.redhat.rhsa:def:20172836 |
AliasName | string | No | The name of the vulnerability. | RHSA-2019:0230-Important: polkit security update |
Necessity | string | No | The priority to fix the vulnerability. Separate multiple priorities with commas (,). Valid values:
| asap,later,nntf |
Dealed | string | No | Specifies whether the vulnerabilities are fixed. Valid values:
| n |
CurrentPage | integer | No | The number of the page to return. Default value: 1. | 1 |
PageSize | integer | No | The number of entries to return on each page. Default value: 10. | 20 |
AttachTypes | string | No | The additional type of the vulnerabilities. You need to specify this parameter when you query application vulnerabilities. Set the value to sca. If you set Type to app, you must specify this parameter. NoteIf you set this parameter to sca, application vulnerabilities and the vulnerabilities that are detected based on software component analysis are queried. If you do not specify this parameter, only application vulnerabilities are queried. | sca |
VpcInstanceIds | string | No | The IDs of the virtual private clouds (VPCs) in which the vulnerability is detected. Separate multiple IDs with commas (,). | ins-133****,ins-5414**** |
Response parameters
Examples
Sample success responses
JSON
format
{
"CurrentPage": 1,
"RequestId": "2F26AB2A-1075-488F-8472-40E5DB486ACC",
"PageSize": 20,
"TotalCount": 2,
"VulRecords": [
{
"Status": 1,
"Type": "cve",
"ModifyTs": 1620404763000,
"InternetIp": "1.2.XX.XX",
"PrimaryId": 101162078,
"Tag": "oval",
"InstanceName": "testInstance",
"Online": true,
"OsVersion": "linux",
"Name": "oval:com.redhat.rhsa:def:20170574",
"ResultCode": "0",
"InstanceId": "i-bp18t***",
"Related": "CVE-2017-7518,CVE-2017-12188",
"IntranetIp": "1.2.XX.XX",
"LastTs": 1620404763000,
"FirstTs": 1554189334000,
"RegionId": "cn-hangzhou",
"Necessity": "asap",
"RepairTs": 1541207563000,
"Uuid": "04c56617-23fc-43a5-ab9b-****",
"GroupId": 281801,
"ResultMessage": "timeout",
"AliasName": "RHSA-2019:0230-Important: polkit security update",
"ExtendContentJson": {
"Status": "1",
"Ip": "1.2.XX.XX",
"PrimaryId": 111,
"Os": "centos",
"Tag": "oval",
"LastTs": 1620404763000,
"Description": "kernel version:5.10.84-10.2.al8.x86_64",
"OsRelease": "7",
"AliasName": "RHSA-2019:0230-Important: polkit security update",
"AbsolutePath": "/roo/www/web",
"RpmEntityList": [
{
"FullVersion": "3.10.0-693.2.2.el7",
"Version": "3.10.0",
"MatchDetail": "python-perf version less than 0:3.10.0-693.21.1.el7",
"ImageName": "registry_387ytb_xxx",
"Path": "/usr/lib64/python2.7/site-packages",
"ContainerName": "k8s_67895c4_xxx",
"Name": "python-perf",
"UpdateCmd": "*** update python-perf",
"MatchList": [
"fastjson(jar) extendField.safemode equals false"
],
"Pid": "8664"
}
],
"cveList": [
"CVE-2016-8610"
],
"Necessity": {
"Status": "normal",
"Time_factor": "1.0",
"Enviroment_factor": "1.0",
"Is_calc": "1",
"Total_score": "7.8",
"Cvss_factor": "7.8",
"Assets_factor": "1"
}
},
"Bind": true,
"OsName": "CentOS 7.2 64-bit\n",
"AuthVersion": "3"
}
]
}
Error codes
HTTP status code | Error code | Error message | Description |
---|---|---|---|
400 | NoPermission | no permission | - |
400 | InnerError | InnerError | - |
400 | IllegalParam | Illegal param | - |
400 | DataNotExists | %s data not exist | - |
403 | NoPermission | caller has no permission | You are not authorized to do this operation. |
500 | ServerError | ServerError | - |
For a list of error codes, visit the Service error codes.
Change history
Change time | Summary of changes | Operation | ||||||||
---|---|---|---|---|---|---|---|---|---|---|
2022-06-20 | The error codes of the API operation change.,The input parameters of the API operation change. | |||||||||
|