Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
/rest/{version}/scans/{scanId}
Descriptor | Value |
---|---|
HTTP Method | GET |
Description | Retrieves scan information. |
Required Permission | Read Access (Any Role) |
Version Introduced | 2.3.0 |
Changes in 2.5.0.2 | Added "originalFileNames" field to response. |
Changes in 2.5.1 | Added the updatedDate field to the response. This field is present when using older REST versions as well. |
Changes in 2.7 | Added scan metadata information to the REST call response. |
Changes in 2.8 | Added Pagination parameters "page" and "pageSize" to all versions of this call. Findings are now sorted by severity, then scanner vulnerability type name, then path. |
Changes in 2.8.3 | Added buildId field to the response. |
Request Header Parameters
Parameter | Value | Required | Description |
---|---|---|---|
Accept | String | Yes | A value of ‘application/json’ must be provided. |
Request GET Parameters
Parameter | Value | Required | Description |
---|---|---|---|
page | Integer | No | Which page of findings to retrieve of size "pageSize". Defaults to 1 if not provided. |
pageSize | Integer | No | How many findings to retrieve per "page". Defaults to 10000 if not provided and cannot be greater than 10000. |
Sample Call:
Code Block |
---|
curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" http://localhost:8080/threadfix/rest/latest/scans/1?page=2&pageSize=20
|
Sample Output:
Values for importTime and updatedDate are returned as Epoch time in milliseconds.
Code Block |
---|
{ "message": "", "success": true, "responseCode": -1, "object": { "id": 30, "importTime": 1309962639000, "updatedDate": 1309962639000, "numberClosedVulnerabilities": 0, "numberNewVulnerabilities": 13, "numberOldVulnerabilities": 0, "numberResurfacedVulnerabilities": 0, "numberTotalVulnerabilities": 13, "numberRepeatResults": 0, "numberRepeatFindings": 0, "numberInfoVulnerabilities": 2, "numberLowVulnerabilities": 0, "numberMediumVulnerabilities": 6, "numberHighVulnerabilities": 5, "numberCriticalVulnerabilities": 0, "findings": [ { "id": 25007, "longDescription": null, "attackString": null, "attackRequest": "", "attackResponse": "", "nativeId": "b0f20dd0cf08dbea8da5744fcbdd1ebf", "displayId": null, "surfaceLocation": { "id": 25007, "parameter": "username", "path": "/demo/SQLI2.php" }, "sourceFileLocation": null, "dataFlowElements": [], "findingCves": [], "calculatedUrlPath": "/demo/SQLI2.php", "calculatedFilePath": "", "dependency": null, "severity": "High", "vulnerabilityType": "SQL injection vulnerability" }, { "id": 25008, "longDescription": null, "attackString": null, "attackRequest": "", "attackResponse": "", "nativeId": "766f606f9e293342f98fe53e704d2875", "displayId": null, "surfaceLocation": { "id": 25008, "parameter": "username", "path": "/demo/XPathInjection2.php" }, "sourceFileLocation": null, "dataFlowElements": [], "calculatedUrlPath": "/demo/XPathInjection2.php", "calculatedFilePath": "", "dependency": null, "severity": "Medium", "vulnerabilityType": "XPATH injection vulnerability" }, ///... Omitted findings for brevity ], "originalFileNames": [ "w3af-demo-site.xml", "w3af-demo-site-2.xml" ], "buildID" : null, "scanMetadata": [], "originalFileNames": [], "scannerName": "w3af", "numberUnassignedVulnerabilities": 0, } } |
Page Tree | ||
---|---|---|
|