# Vulnerability export API

- Tier: Ultimate
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated

Every call to the vulnerability export API must be authenticated.
## Create a project-level vulnerability export

Creates a new vulnerability export for a project.

If the authenticated user does not have permission to create a new vulnerability, this request returns a `403 Forbidden` status code.

A given user can have only one vulnerability export in progress per project at a time. If an export is requested while a previous request is still in progress, the request returns a `429 Too Many Requests` error.

A vulnerability export can be accessed only by the user who created it.
```plaintext
POST /security/projects/:id/vulnerability_exports
```

| Attribute | Type | Required | Description |
|---|---|---|---|
| `id` | integer or string | Yes | The ID or URL-encoded path of the project which the authenticated user is a member of |
| `send_email` | boolean | No | When set to `true`, an email notification is sent to the user who requested the export once it completes. |
| `export_format` | string | No | Values: `csv`, `pdf`. Defaults to `csv`. PDF reports require the `vulnerabilities_pdf_export` feature flag. |
| `report_data` | object | No | A hash map of report components to the frontend data assets used during the export. For example: `{ project_vulnerabilities_history: '<svg>some report asset</svg>' }` |
The availability of the PDF export is controlled by a feature flag. For more information, see the history.
```shell
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/security/projects/1/vulnerability_exports"
```

The created vulnerability export is automatically deleted at the time given in the `expires_at` field.
Example response:

```json
{
  "id": 2,
  "created_at": "2020-03-30T09:35:38.746Z",
  "project_id": 1,
  "group_id": null,
  "format": "csv",
  "status": "created",
  "started_at": null,
  "finished_at": null,
  "send_email": false,
  "expires_at": "2020-04-06T09:35:38.746Z",
  "_links": {
    "self": "https://gitlab.example.com/api/v4/security/vulnerability_exports/2",
    "download": "https://gitlab.example.com/api/v4/security/vulnerability_exports/2/download"
  }
}
```

## Create a group-level vulnerability export
Creates a new vulnerability export for a group.

If the authenticated user does not have permission to create a new vulnerability, this request returns a `403 Forbidden` status code.

A given user can have only one vulnerability export in progress per group at a time. If an export is requested while a previous request is still in progress, the request returns a `429 Too Many Requests` error.

A vulnerability export can be accessed only by the user who created it.
```plaintext
POST /security/groups/:id/vulnerability_exports
```

| Attribute | Type | Required | Description |
|---|---|---|---|
| `id` | integer or string | Yes | The ID or URL-encoded path of the group which the authenticated user is a member of |
| `export_format` | string | No | Values: `csv`, `pdf`. Defaults to `csv`. PDF reports require the `vulnerabilities_pdf_export` feature flag. |
| `report_data` | object | No | A hash map of report components to the frontend data assets used during the export. For example: `{ project_vulnerabilities_history: '<svg>some report asset</svg>' }` |
The availability of the PDF export is controlled by a feature flag. For more information, see the history.
```shell
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/security/groups/1/vulnerability_exports"
```

The created vulnerability export is automatically deleted at the time given in the `expires_at` field.
Example response:

```json
{
  "id": 2,
  "created_at": "2020-03-30T09:35:38.746Z",
  "project_id": null,
  "group_id": 1,
  "format": "csv",
  "status": "created",
  "started_at": null,
  "finished_at": null,
  "expires_at": "2020-04-06T09:35:38.746Z",
  "_links": {
    "self": "https://gitlab.example.com/api/v4/security/vulnerability_exports/2",
    "download": "https://gitlab.example.com/api/v4/security/vulnerability_exports/2/download"
  }
}
```

## Create an instance-level vulnerability export
Creates a new vulnerability export for the projects the user has selected in the Security Dashboard.

```plaintext
POST /security/vulnerability_exports
```

```shell
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/security/vulnerability_exports"
```

The created vulnerability export is automatically deleted at the time given in the `expires_at` field.
Example response:

```json
{
  "id": 2,
  "created_at": "2020-03-30T09:35:38.746Z",
  "project_id": null,
  "group_id": null,
  "format": "csv",
  "status": "created",
  "started_at": null,
  "finished_at": null,
  "expires_at": "2020-04-06T09:35:38.746Z",
  "_links": {
    "self": "https://gitlab.example.com/api/v4/security/vulnerability_exports/2",
    "download": "https://gitlab.example.com/api/v4/security/vulnerability_exports/2/download"
  }
}
```

## Get a single vulnerability export
Gets a single vulnerability export.

```plaintext
GET /security/vulnerability_exports/:id
```

| Attribute | Type | Required | Description |
|---|---|---|---|
| `id` | integer or string | Yes | The ID of the vulnerability export |

```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/security/vulnerability_exports/2"
```

If the vulnerability export is not yet finished, the response is `202 Accepted`.
Example response:

```json
{
  "id": 2,
  "created_at": "2020-03-30T09:35:38.746Z",
  "project_id": 1,
  "group_id": null,
  "format": "csv",
  "status": "finished",
  "started_at": "2020-03-30T09:36:54.469Z",
  "finished_at": "2020-03-30T09:36:55.008Z",
  "expires_at": "2020-04-06T09:35:38.746Z",
  "_links": {
    "self": "https://gitlab.example.com/api/v4/security/vulnerability_exports/2",
    "download": "https://gitlab.example.com/api/v4/security/vulnerability_exports/2/download"
  }
}
```

## Download a vulnerability export
Downloads a single vulnerability export.

```plaintext
GET /security/vulnerability_exports/:id/download
```

| Attribute | Type | Required | Description |
|---|---|---|---|
| `id` | integer or string | Yes | The ID of the vulnerability export |

```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/security/vulnerability_exports/2/download"
```

If the vulnerability export is not yet finished or is not found, the response is `404 Not Found`.
Example response:

```csv
Group Name,Project Name,Tool,Scanner Name,Status,Vulnerability,Details,Additional Info,Severity,CVE,CWE,Other Identifiers,Detected At,Location,Activity,Comments,Full Path,CVSS Vectors,Dismissal Reason
Gitlab.org,Defend,container_scanning,Trivy,resolved,CVE-2019-14697 in musl-utils-1.1.20-r4,"musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.",CVE-2019-14697 in musl-utils-1.1.20-r4,critical,CVE-2019-14697,,"",2022-10-07 13:34:41 UTC,"{""image""=>""python:3.4-alpine"", ""dependency""=>{""package""=>{""name""=>""musl-utils""}, ""version""=>""1.1.20-r4""}, ""operating_system""=>""alpine 3.9.2""}",true,"2022-10-07 13:41:08 UTC|root|resolved|changed vulnerability status to resolved",group/project/1,,,
Gitlab.org,Defend,container_scanning,Trivy,detected,CVE-2019-19242 in sqlite-libs-3.26.0-r3,"SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.",CVE-2019-19242 in sqlite-libs-3.26.0-r3,medium,CVE-2019-19242,,"",2022-10-07 13:34:41 UTC,"{""image""=>""python:3.4-alpine"", ""dependency""=>{""package""=>{""name""=>""sqlite-libs""}, ""version""=>""3.26.0-r3""}, ""operating_system""=>""alpine 3.9.2""}",true,"",group/project/2,,,
Gitlab.org,Defend,container_scanning,Trivy,detected,CVE-2020-28928 in musl-1.1.20-r4,"In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).",CVE-2020-28928 in musl-1.1.20-r4,medium,CVE-2020-28928,,"",2022-10-07 13:34:41 UTC,"{""image""=>""python:3.4-alpine"", ""dependency""=>{""package""=>{""name""=>""musl""}, ""version""=>""1.1.20-r4""}, ""operating_system""=>""alpine 3.9.2""}",true,"",group/project/3,,,
Gitlab.org,Defend,dependency_scanning,Gemnasium,detected,Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in rack,Carefully crafted requests can cause shell escape sequences to be written to the terminal via Rack's Lint middleware and CommonLogger middleware. These escape sequences can be leveraged to possibly execute commands in the victim's terminal.,Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in rack,unknown,Gemfile.lock:rack:gemnasium:60b5a27f-4e4d-4ab4-8ae7-74b4b212e177,,Gemnasium-60b5a27f-4e4d-4ab4-8ae7-74b4b212e177; GHSA-wq4h-7r42-5hrr,2022-10-14 13:16:00 UTC,"{""file""=>""Gemfile.lock"", ""dependency""=>{""package""=>{""name""=>""rack""}, ""version""=>""2.2.3""}}",false,group/project/4,,,
Gitlab.org,Defend,dependency_scanning,Gemnasium,detected,Denial of Service Vulnerability in Rack Multipart Parsing in rack,"Carefully crafted multipart POST requests can cause Rack's multipart parser to take much longer than expected, leading to a possible denial of service vulnerability. Impacted code will use Rack's multipart parser to parse multipart posts.",Denial of Service Vulnerability in Rack Multipart Parsing in rack,unknown,Gemfile.lock:rack:gemnasium:20daa17a-47b5-4f79-80c2-cd8f2db9805c,,Gemnasium-20daa17a-47b5-4f79-80c2-cd8f2db9805c; GHSA-hxqx-xwvh-44m2,2022-10-14 13:16:00 UTC,"{""file""=>""Gemfile.lock"", ""dependency""=>{""package""=>{""name""=>""rack""}, ""version""=>""2.2.3""}}",false,group/project/5,,,
Gitlab.org,Defend,sast,Brakeman,detected,Possible SQL injection,,Possible SQL injection,medium,e52f23a259cd489168b4313317ac94a3f13bffde57b9635171c1a44a9f329e9a,,"""Brakeman Warning Code 0""",2022-10-13 15:16:36 UTC,"{""file""=>""main.rb"", ""class""=>""User"", ""method""=>""index"", ""start_line""=>3}",false,"",group/project/6,,,
Gitlab.org,Defend,sast,Semgrep,dismissed,Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'),"SQL Injection is a critical vulnerability that can lead to data or system compromise...",,critical,,CWE-89,SCS0002,2023-12-28 10:48:34 UTC,"{""file""=>""WebGoat/App_Code/DB/SqliteDbProvider.cs"", ""start_line""=>274}",false,"2023-12-28 10:51:32 UTC|root|Dismissed|""changed vulnerability status to Dismissed: Not Applicable and the following comment: ""dismiss 5""",gitlab-org/defend/579,,Not applicable,
```
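The create, poll and download sequence described in the sections above, followed by a summary of the downloaded CSV by severity and status, as an added example in Python; this is not GitLab's own code. It assumes only the endpoints, status codes and CSV column names documented on this page. The `transport` hook, the `VulnerabilityExportClient` and `summarize_export` names, and the constructed `SAMPLE_CSV` are this example's own; the hook exists so the flow can be exercised against a scripted fake, while the default `urllib_transport` talks to a real GitLab server.

```python
"""Added example, not GitLab's own code: create a vulnerability export, poll until it is
finished, download the CSV and summarise open findings. Assumes only the endpoints, status
codes and CSV columns documented on this page; ``transport`` and ``SAMPLE_CSV`` are ours."""
import csv
import io
import json
import time
import urllib.error
import urllib.request
from collections import Counter

def urllib_transport(method, url, headers, body):
    # Real HTTP transport: returns (status, body) instead of raising on 4xx/5xx.
    req = urllib.request.Request(url, data=body, headers=headers, method=method)
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, err.read()

class ExportError(RuntimeError):
    """Raised on the documented error statuses (403, 404, 429) or anything unexpected."""

class VulnerabilityExportClient:
    def __init__(self, base_url, token, transport=urllib_transport, sleep=time.sleep):
        self.api = base_url.rstrip("/") + "/api/v4"
        self.token = token  # access token sent in the PRIVATE-TOKEN header
        self.transport, self.sleep = transport, sleep

    def _call(self, method, path, payload=None):
        headers = {"PRIVATE-TOKEN": self.token}
        body = None
        if payload is not None:
            headers["Content-Type"] = "application/json"
            body = json.dumps(payload).encode()
        return self.transport(method, self.api + path, headers, body)

    def create_export(self, scope_path, export_format="csv", send_email=False):
        # scope_path is one of the documented POST paths, e.g. "/security/projects/1/vulnerability_exports".
        status, body = self._call("POST", scope_path,
                                  {"export_format": export_format, "send_email": send_email})
        if status == 403:
            raise ExportError("user may not create a vulnerability export here")
        if status == 429:
            raise ExportError("a previous export is still in progress; retry later")
        if status not in (200, 201):
            raise ExportError(f"unexpected status {status} creating export")
        return json.loads(body)

    def wait_until_finished(self, export_id, poll_seconds=5, max_polls=120):
        # GET .../:id answers 202 Accepted while the export is still running.
        for _ in range(max_polls):
            status, body = self._call("GET", f"/security/vulnerability_exports/{export_id}")
            if status == 200 and json.loads(body).get("status") == "finished":
                return json.loads(body)
            if status not in (200, 202):
                raise ExportError(f"unexpected status {status} polling export {export_id}")
            self.sleep(poll_seconds)
        raise ExportError(f"export {export_id} did not finish after {max_polls} polls")

    def download(self, export_id):
        # GET .../:id/download answers 404 until the export is finished.
        status, body = self._call("GET", f"/security/vulnerability_exports/{export_id}/download")
        if status != 200:
            raise ExportError(f"export {export_id} not finished, not found or failed ({status})")
        return body.decode("utf-8")

def summarize_export(csv_text):
    """Totals per severity, open (not resolved/dismissed) findings per severity,
    and each open CVE with the image or file it was found in."""
    rows = list(csv.DictReader(io.StringIO(csv_text)))
    open_rows = [r for r in rows if r["Status"] not in ("resolved", "dismissed")]
    open_cves = []
    for r in open_rows:
        # Location is a Ruby-style hash ({"k"=>"v"}); for the shapes in the sample
        # export, swapping "=>" for ":" yields valid JSON.
        loc = json.loads(r["Location"].replace("=>", ":")) if r["Location"] else {}
        if r["CVE"].startswith("CVE-"):
            open_cves.append((r["CVE"], loc.get("image") or loc.get("file") or "unknown"))
    return {"total": len(rows),
            "by_severity": dict(Counter(r["Severity"] for r in rows)),
            "open_by_severity": dict(Counter(r["Severity"] for r in open_rows)),
            "open_cves": open_cves}

# Constructed sample in the column layout of the page's CSV output (not real export data).
SAMPLE_CSV = (
    "Group Name,Project Name,Tool,Scanner Name,Status,Vulnerability,Details,Additional Info,Severity,"
    "CVE,CWE,Other Identifiers,Detected At,Location,Activity,Comments,Full Path,CVSS Vectors,Dismissal Reason\n"
    "Gitlab.org,Defend,container_scanning,Trivy,resolved,CVE-2019-14697 in musl-utils,desc,x,critical,"
    'CVE-2019-14697,,"",2022-10-07 13:34:41 UTC,"{""image""=>""python:3.4-alpine""}",true,"",group/project/1,,\n'
    "Gitlab.org,Defend,container_scanning,Trivy,detected,CVE-2019-19242 in sqlite-libs,desc,x,medium,"
    'CVE-2019-19242,,"",2022-10-07 13:34:41 UTC,"{""image""=>""python:3.4-alpine""}",true,"",group/project/2,,\n'
    "Gitlab.org,Defend,sast,Semgrep,dismissed,SQL Injection,desc,x,critical,,CWE-89,SCS0002,"
    '2023-12-28 10:48:34 UTC,"{""file""=>""SqliteDbProvider.cs"", ""start_line""=>274}",false,"",gitlab-org/defend/579,,Not applicable\n'
)

if __name__ == "__main__":
    print(json.dumps(summarize_export(SAMPLE_CSV), indent=2))
```

Against a live instance, call `create_export` with the project, group or instance path, then `wait_until_finished` and `download` on the returned `id`. The `429` path deserves a back-off rather than a tight retry loop, because the API permits one in-flight export per user and scope. The `=>` to `:` rewrite of the Location column is a heuristic that holds for the sample rows on this page; a value whose string contents include `=>` would need a real parser.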