As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.

Add Vulnerability to Existing Defect - API

/rest/{version}/applications/{appId}/appTrackers/{appDefectTrackerId}/attachToDefect


Descriptor

Value

HTTP Method

POST

Description

Allows user to add a vulnerability to a defect that has already been created.

Required Permission

Submit Defects

Version Introduced2.7.2


Request Header Parameters

Parameter

Value

Required

Description

Accept

String

Yes

A value of ‘application/json’ must be provided.


Request POST Data Parameters

The available Data Parameters depend on the Defect Tracker being used and can vary based on your configurations for the Defect Tracker.  Use the “Get Defect Tracker Fields” call to see what you will need.  The following parameters should always be available.

Parameter

Value

Required

Description

defectId

String

Yes

The defect ID from the defect tracker application. For example, "THREAD-18477"

vulnerabilityIds

Integer

Yes

Ids for the vulnerabilities for which to file a defect.  All of the vulnerabilities are attached to the existing defect.


Sample Call:

curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'defectID=THREAD-18477&vulnerabilityIds=112883' http://localhost:8080/threadfix/rest/latest/applications/{appId}/appTrackers/{appTrackerId}/attachToDefect


Sample Output:


{
    "message": "",
    "success": true,
    "responseCode": -1,
    "object": "Successfully merged 1 vulnerability to Defect ID THREAD-18477"
}



www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.