search
Book a demo

getCicdIssue

Retrieves single CI/CD issue information.

hashtag
Examples

query GetCICDIssue($getSingleIssueInput: SingleIssueInput) {
  getCICDIssue(getSingleIssueInput: $getSingleIssueInput) {
    importantSeverityBreakdown
    overrideSeverityReason
    highestOXCVESeverity
    latestCommit {
      originalSeverity
      oxSeverity
      callBranch
      linkToExternalProduct
      stars
      forks
      downloads
      vulBySeverity
      nameAndVer
      sourceRepoName
      sourceRepoLink
      sourceCreationDate
      sourceLastModifyDate
      destinationRepoName
      destinationRepoLink
      destinationCreationDate
      destinationLastModifyDate
      destinationRepoVisibility
      reasons
      _id
      url
      additionalToolData
      events
      allEvents
      pushType
      sha
      title
      link
      mergedBy
      date
      fileCount
      diffInDays
      reviewers
      user
      userLink
      userAvatar
      devOperation
      devOperationDate
      adminOperation
      adminOperationDate
      reviewOperation
      reviewOperationDate
      orgRole
      earliestActivityDate
      repoPermissions
      adminLocation
      email
      pullRequestsCount
      diffFromNowToCreatedAtInDays
      username
      accessLevel
      createdAt
      lastAccess
      fileName
      fileUri
      startLine
      endLine
      match
      snippet
      commitLink
      commitBy
      mergeDate
      dateCommitPushed
      pullRequestNumber
      pullRequestLink
      codeOwners
      region
      eduVideoLink
      resource
      service
      accountName
      cloudEnv
      secret
      secretType
      secretTypeDescription
      secretStatus
      image
      imageCreatedAt
      pkgCount
      dockerVer
      os
      binariesCount
      tag
      reputation
      sha256
      size
      pushedAt
      source
      sourceLink
      ruleId
      realMatch
      excludedByAlert
      filePath
      lockfile
      accountId
      snippetLineNumber
      language
      daysOpen
      isFixAvailable
      aggId
      pkgName
      installedVersion
      fixedVersion
      triggerPkgName
      triggerPkgVersion
      triggerPkgUpgradeVersion
      dependencyType
      branch
      hashAggId
      repo
      repoCreator
      lastCodeDate
      lastAdminOperation
      exclusionId
      numberOfReposDomainAppear
      layer
      baseImage
      imageLink
      registryName
      project
      resourceGroup
      cloudResourceTags
      location
      locationLink
      parameter
      test
      cvss
      evidence
      request
      response
      dastUrl
      method
      parameterType
      value
      cluster
      type
      cloudType
      k8sType
      consoleLink
      name
      subscriptionId
      stringifiedClusters
      aggStatus
      falsePositive {
        isFalsePositive
        comment
        reportedBy
        reportedAt
        isCanceled
        cancelComment
        canceledBy
        canceledAt
        commentWhenCanceled
      }
      cbomId
      prDeatils {
        sourceControlType
        issueId
        appId
        repo
        prId
        prURL
        prBranchName
        commitMessage
        commiter
        comment
        date
        prTitle
        prBody
        prStatus
        prApprover
        prReviewer
        prMergeTime
      }
      triage {
        triageStatus
        createdBy
        createdAt
      }
    }
    additionalTabs {
      type
      aggItems {
        originalSeverity
        oxSeverity
        callBranch
        linkToExternalProduct
        stars
        forks
        downloads
        vulBySeverity
        nameAndVer
        sourceRepoName
        sourceRepoLink
        sourceCreationDate
        sourceLastModifyDate
        destinationRepoName
        destinationRepoLink
        destinationCreationDate
        destinationLastModifyDate
        destinationRepoVisibility
        reasons
        _id
        url
        additionalToolData
        events
        allEvents
        pushType
        sha
        title
        link
        mergedBy
        date
        fileCount
        diffInDays
        reviewers
        user
        userLink
        userAvatar
        devOperation
        devOperationDate
        adminOperation
        adminOperationDate
        reviewOperation
        reviewOperationDate
        orgRole
        earliestActivityDate
        repoPermissions
        adminLocation
        email
        pullRequestsCount
        diffFromNowToCreatedAtInDays
        username
        accessLevel
        createdAt
        lastAccess
        fileName
        fileUri
        startLine
        endLine
        match
        snippet
        commitLink
        commitBy
        mergeDate
        dateCommitPushed
        pullRequestNumber
        pullRequestLink
        codeOwners
        region
        eduVideoLink
        resource
        service
        accountName
        cloudEnv
        secret
        secretType
        secretTypeDescription
        secretStatus
        image
        imageCreatedAt
        pkgCount
        dockerVer
        os
        binariesCount
        tag
        reputation
        sha256
        size
        pushedAt
        source
        sourceLink
        ruleId
        realMatch
        excludedByAlert
        filePath
        lockfile
        accountId
        snippetLineNumber
        language
        daysOpen
        isFixAvailable
        aggId
        pkgName
        installedVersion
        fixedVersion
        triggerPkgName
        triggerPkgVersion
        triggerPkgUpgradeVersion
        dependencyType
        branch
        hashAggId
        repo
        repoCreator
        lastCodeDate
        lastAdminOperation
        exclusionId
        numberOfReposDomainAppear
        layer
        baseImage
        imageLink
        registryName
        project
        resourceGroup
        cloudResourceTags
        location
        locationLink
        parameter
        test
        cvss
        evidence
        request
        response
        dastUrl
        method
        parameterType
        value
        cluster
        type
        cloudType
        k8sType
        consoleLink
        name
        subscriptionId
        stringifiedClusters
        aggStatus
        falsePositive {
          isFalsePositive
          comment
          reportedBy
          reportedAt
          isCanceled
          cancelComment
          canceledBy
          canceledAt
          commentWhenCanceled
        }
        cbomId
        prDeatils {
          sourceControlType
          issueId
          appId
          repo
          prId
          prURL
          prBranchName
          commitMessage
          commiter
          comment
          date
          prTitle
          prBody
          prStatus
          prApprover
          prReviewer
          prMergeTime
        }
        triage {
          triageStatus
          createdBy
          createdAt
        }
      }
    }
    issueDetailsHeaders {
      id
      label
      featureFlag
    }
    compliance {
      standard
      standardLink
      control
      category
      description
      categoryLink
      controlLink
    }
    sbom {
      id
      references {
        triggerPackage
        location
        locationLink
        dependencyType
        dependencyLevel
        commit {
          commitedAt
          committerName
          committerEmail
        }
        fileName
      }
      language
      libraryName
      libraryVersion
      license
      appName
      location
      dependencyType
      source
      appId
      locationLink
      appLink
      pkgName
      copyWriteInfo
      copyWriteInfoLink
      libLink
      vulnerabilityCounts {
        appox
        critical
        high
        medium
        low
        info
      }
      triggerPackage
      vulnerabilities {
        issueId
        oxSeverity
        severityNumberFromTool
        severityFromTool
        cve
        cveLink
        cvsVer
        cvssVersion
        epss
        percentile
        libName
        dependencyChain
        runtimeStatus
        libVersion
        chainDepth
        exploitInTheWild
        exploitInTheWildLink
        description
        dateDiscovered
        minorVerWithFix
        majorVerWithFix
        exploitRequirement
        exploitCode
        originalSeverity
      }
      latestVersion
      latestVersionDate
      stars
      forks
      openIssues
      packageManager
      packageManagerLink
      maintainers
      contributors
      downloads
      sourceLink
      notPopular
      licenseIssue
      malicious
      malwareType
      osVname
      notMaintained
      isDeprecated
      notImported
      notUpdated
      dependencyLevel
      requestId
      licenseLink
      artifactInSbomLibs {
        image
        imageLink
        imageCreatedAt
        sha
        os
        osVersion
        baseImage
        baseImageVersion
        tag
        layer
        registryName
        source
      }
      sha
      maintainersList {
        name
        email
      }
      runtimeStatus
      usedVersionReleaseDate
      projectDescription
    }
    dependencyGraph {
      nodes {
        id
        name
        width
        height
        vulnerable
      }
      allNodes {
        id
        name
        width
        height
        vulnerable
      }
      edges {
        v
        w
      }
      allEdges {
        v
        w
      }
    }
    groupId
    name
    mainTitle
    secondTitle
    scanId
    sla {
      daysPastSLA
      status
    }
    issueUpdatedAt
    scanDate
    description
    impact
    exposure
    severity
    owners
    ownerEmails
    occurrences
    score {
      value
      comments
    }
    orgConScore
    connector
    learnMore
    extraInfo {
      key
      val
      value
      snippet {
        detectionType
        fileName
        snippetLineNumber
        language
        text
      }
      link
      callBranch
      iconLink
      tags
    }
    resource {
      id
      type
    }
    appName
    app {
      id
      name
      businessPriority
      riskScore
      secPosture
      type
      typeComments
      applicationFlows {
        artifacts {
          type
          name
          hashType
          system
          subType
          hash
          size
          date
          location {
            runBy
            foundBy
            foundIn
            link
          }
          linkName
          k8sType
          cluster
          region
        }
        cloudDeployments {
          type
          subType
          name
          hash
          hashType
          link
          location {
            runBy
            foundBy
            foundIn
            link
          }
          k8sType
          imageName
          date
          cluster
          region
        }
        cicdInfo {
          type
          system
          latestDate
          lastMonthJobCount
          location {
            runBy
            foundBy
            foundIn
            link
          }
        }
        orchestrators {
          type
          name
          hashType
          system
          hash
          size
          date
          location {
            runBy
            foundBy
            foundIn
            link
          }
        }
        kubernetes {
          type
          name
          hashType
          system
          hash
          subType
          size
          date
          location {
            runBy
            foundBy
            foundIn
            link
          }
        }
        repository {
          type
          system
          date
          location {
            runBy
            foundBy
            foundIn
            link
          }
        }
      }
      fakeApp
      originBranchName
      repoId
      organization
      repoName
      owners {
        name
        email
        roles
      }
      credentialsId
      lastCodeChange
      createdAt
      publicVisibility
      branch
    }
    policy {
      id
      name
      detailedDescription
    }
    issueId
    category {
      name
      categoryId
      subCategoryName
      subCategoryComment
    }
    aggregations {
      type
      summary {
        summary
        comment
      }
      columns {
        columns {
          header
          key
          tooltip
          href
          type
        }
        comment
      }
      items {
        originalSeverity
        oxSeverity
        callBranch
        linkToExternalProduct
        stars
        forks
        downloads
        vulBySeverity
        nameAndVer
        sourceRepoName
        sourceRepoLink
        sourceCreationDate
        sourceLastModifyDate
        destinationRepoName
        destinationRepoLink
        destinationCreationDate
        destinationLastModifyDate
        destinationRepoVisibility
        reasons
        _id
        url
        additionalToolData
        events
        allEvents
        pushType
        sha
        title
        link
        mergedBy
        date
        fileCount
        diffInDays
        reviewers
        user
        userLink
        userAvatar
        devOperation
        devOperationDate
        adminOperation
        adminOperationDate
        reviewOperation
        reviewOperationDate
        orgRole
        earliestActivityDate
        repoPermissions
        adminLocation
        email
        pullRequestsCount
        diffFromNowToCreatedAtInDays
        username
        accessLevel
        createdAt
        lastAccess
        fileName
        fileUri
        startLine
        endLine
        match
        snippet
        commitLink
        commitBy
        mergeDate
        dateCommitPushed
        pullRequestNumber
        pullRequestLink
        codeOwners
        region
        eduVideoLink
        resource
        service
        accountName
        cloudEnv
        secret
        secretType
        secretTypeDescription
        secretStatus
        image
        imageCreatedAt
        pkgCount
        dockerVer
        os
        binariesCount
        tag
        reputation
        sha256
        size
        pushedAt
        source
        sourceLink
        ruleId
        realMatch
        excludedByAlert
        filePath
        lockfile
        accountId
        snippetLineNumber
        language
        daysOpen
        isFixAvailable
        aggId
        pkgName
        installedVersion
        fixedVersion
        triggerPkgName
        triggerPkgVersion
        triggerPkgUpgradeVersion
        dependencyType
        branch
        hashAggId
        repo
        repoCreator
        lastCodeDate
        lastAdminOperation
        exclusionId
        numberOfReposDomainAppear
        layer
        baseImage
        imageLink
        registryName
        project
        resourceGroup
        cloudResourceTags
        location
        locationLink
        parameter
        test
        cvss
        evidence
        request
        response
        dastUrl
        method
        parameterType
        value
        cluster
        type
        cloudType
        k8sType
        consoleLink
        name
        subscriptionId
        stringifiedClusters
        aggStatus
        falsePositive {
          isFalsePositive
          comment
          reportedBy
          reportedAt
          isCanceled
          cancelComment
          canceledBy
          canceledAt
          commentWhenCanceled
        }
        cbomId
        prDeatils {
          sourceControlType
          issueId
          appId
          repo
          prId
          prURL
          prBranchName
          commitMessage
          commiter
          comment
          date
          prTitle
          prBody
          prStatus
          prApprover
          prReviewer
          prMergeTime
        }
        triage {
          triageStatus
          createdBy
          createdAt
        }
      }
    }
    recommendation
    violationInfoTitle
    sourceTools
    ruleId
    fixes {
      settingType
      tooltip
      description
      warning
      confirmation
      inputs {
        type
        name
        options {
          name
          selected
          metadata
          info
          displayName
          isDisabled
        }
        multiSelect
        maxSelect
        minSelect
        displayName
      }
    }
    fixAppliedDeatils {
      appliedBy
      appliedDate
    }
    cwe
    fixLink
    cweList {
      name
      description
      url
    }
    dependencyChain
    publicExploitLink
    createdAt
    tickets {
      provider
      ticketId
      createdBy
      issueId
      issueName
      appName
      appId
      category
      assignee
      reporter
      link
      project
      issueType
      key
    }
    slackNotification {
      channelName
      timestamp
    }
    messages {
      messagingVendor
      recipients {
        name
        id
        type
      }
      createdAt
    }
    fixIssue {
      fixType
      fixTitle
      fixDescription
      isFixApplied
      fixAppliedBy
      sourceControlType
      fixDate
    }
    requestContent
    responseContent
    autoFix {
      fixType
      fixTitle
      fixDescription
      isFixApplied
      fixAppliedBy
      sourceControlType
      fixDate
    }
    lowerSeverityReason
    severityChange
    originalToolSeverity
    scaVulnerabilities {
      issueId
      oxSeverity
      severityNumberFromTool
      severityFromTool
      cve
      cveLink
      cvsVer
      cvssVersion
      epss
      percentile
      libName
      dependencyChain
      runtimeStatus
      libVersion
      chainDepth
      exploitInTheWild
      exploitInTheWildLink
      description
      dateDiscovered
      minorVerWithFix
      majorVerWithFix
      exploitRequirement
      exploitCode
      originalSeverity
    }
    dependencyGraphNodes {
      id
      name
      width
      height
      vulnerable
    }
    dependencyGraphEdges {
      v
      w
    }
    scaTriggerPkg
    scaTriggerPkgs {
      scaTriggerPkg
      fileName
    }
    pkgSemanticVersion
    severityChangeReason
    severityChangedReason {
      changeNumber
      withoutAutoNumbering
      evidenceLabel
      reason
      shortName
      changeCategory
      extraInfo {
        key
        value
        link
        snippet {
          snippetLineNumber
          language
          text
          fileName
        }
        iconLink
        callBranch
      }
      extraInfoContainer {
        layerSha
        layerNum
        artifactName
        sha
        registryName
      }
      order
    }
    aggSeverityExplanation
    aggSFsForCalcDisplay {
      changeNumber
      withoutAutoNumbering
      evidenceLabel
      reason
      shortName
      changeCategory
      extraInfo {
        key
        value
        link
        snippet {
          snippetLineNumber
          language
          text
          fileName
        }
        iconLink
        callBranch
      }
      extraInfoContainer {
        layerSha
        layerNum
        artifactName
        sha
        registryName
      }
      order
    }
    resolvedIssueDate
    isPRAvailable
    cicdFields {
      issueStatus
      sourceBranch
      targetBranch
      jobId
      jobTriggeredAt
      jobTriggeredAtDate
      jobTriggeredBy
      jobTriggeredReason
      jobUrl
      pullRequestId
      pullRequestUrl
      enforcement
      excludedByAlert
      cicdEventType
      workflows {
        id
        name
      }
    }
    comment
    excludedByAlert
    excludedByPolicy
    excludedByApp
    countRule
    exclusionId
    languageInfo {
      name
      version
    }
    isMonoRepoChild
    monoRepoParent
    isFixAvailable
    isFixApplied
    isGPTFixAvailable
    oscarData {
      name
      description
      url
      id
    }
    gptInfo {
      gptResponse
      user
      createdAt
    }
    prDeatils {
      sourceControlType
      issueId
      appId
      repo
      prId
      prURL
      prBranchName
      commitMessage
      commiter
      comment
      date
      prTitle
      prBody
      prStatus
      prApprover
      prReviewer
      prMergeTime
    }
    tags {
      tagId
      name
      email
      displayName
      tagType
      createdBy
      purpose
      deploymentModel
      tagCategory
    }
    originalSeverity
    overrideSeverity
    isFalsePositive
    falsePositiveComment
    isCanceledFalsePositive
    cancelFalsePositiveComment
    falsePositiveDetails {
      canceledBy
      reportedBy
      commentWhenCanceled
      aggregationsStatus
    }
    issueStatus
    scanIssueStatus
    resolvedReason
    resolvedDetails
    resolvedReasonDetails {
      description
    }
    disappearedReason
    disappearedDetails
    disappearedReasonDetails {
      description
    }
    disappearedDate
    correlatedIssueId
    correlatedRegistry
    scaFixType
    previousSeverity {
      severity
      severityChangedDate
    }
    version
    severityFactorsDiff {
      shortName
      change
      status
    }
    exposedByApiItems {
      apiId
      codeLocations {
        link
        callBranch
      }
    }
    originBranchName
    exclusionComment
    exclusionExpiredAt
    problematicPkg
    serverlessDeploymentOperation {
      userIdentity {
        type
        principalId
        arn
        accountId
        accessKeyId
        sessionContext {
          sessionIssuer {
            type
            principalId
            arn
            accountId
            userName
          }
          attributes {
            creationDate
            mfaAuthenticated
          }
        }
      }
      deploymentTime
      sourceIPAddress
      userAgent
      connectedFromConsole
      location
      linkToCode
      functionName
      functionArn
      internalFunctionName
      cloudRegion
      version
      revisionId
      codeSha256
      entryPoint
      codeSize
      memorySize
      timeout
      runtime
      runtimeVersionConfig {
        runtimeVersionArn
      }
      architectures
      role
      recipientAccountId
      description
    }
    eventFromExternalTool
    issueOwners {
      name
      email
    }
    cveExclusions {
      label
      recommended
      tooltip
      type
      id
      oxRuleId
      level
      excludeBy
      uidOnly
      isDefault
      ffKey
      exclusionScope
    }
  }
}

Variables

This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.

hashtag
Arguments

You can use the following argument(s) to customize your getCICDIssue query.

Argument
Description
Supported fields

getSingleIssueInput SingleIssueInput

issueId String! scanId String getLatestStableData Boolean

hashtag
Fields

Return type: Issue

You can use the following field(s) to specify what information your getCICDIssue query will return. Please note that some fields may have their own subfields.

Field
Description
Supported fields

importantSeverityBreakdown [String]

Array of severity breakdowns based on important factors

isCVERelated Boolean ⚠️

Deprecated: This field is not used anymore

overrideSeverityReason String

Reason for severity override

highestOXCVESeverity String

Highest severity level associated with the issue based on OX CVE data

latestCommit AggItem

Information about the latest commit associated with this issue

originalSeverity Int oxSeverity Int callBranch [String] linkToExternalProduct String stars String forks String downloads String vulBySeverity String nameAndVer String sourceRepoName String sourceRepoLink String sourceCreationDate String sourceLastModifyDate String destinationRepoName String destinationRepoLink String destinationCreationDate String destinationLastModifyDate String destinationRepoVisibility String reasons String _id String url String additionalToolData String events String allEvents String pushType String sha String title String link String mergedBy String date String fileCount Int diffInDays Int reviewers String user String userLink String userAvatar String devOperation String devOperationDate String adminOperation String adminOperationDate String reviewOperation String reviewOperationDate String orgRole String earliestActivityDate String repoPermissions String adminLocation String email String pullRequestsCount Int diffFromNowToCreatedAtInDays Int username String accessLevel String createdAt String lastAccess String fileName String fileUri String startLine Int endLine Int match String snippet String commitLink String commitBy String mergeDate String dateCommitPushed String pullRequestNumber String pullRequestLink String codeOwners [String] region String eduVideoLink String resource String service String accountName String cloudEnv String secret String secretType String secretTypeDescription String secretStatus String image String imageCreatedAt String pkgCount Int dockerVer String os String binariesCount Int tag String reputation String sha256 String size String pushedAt String source String sourceLink String ruleId String realMatch String excludedByAlert Boolean filePath String lockfile String accountId String snippetLineNumber Int language String daysOpen String isFixAvailable Boolean aggId String pkgName String installedVersion String fixedVersion String triggerPkgName String triggerPkgVersion String triggerPkgUpgradeVersion String dependencyType String branch String hashAggId String repo String repoCreator String lastCodeDate String lastAdminOperation String exclusionId String numberOfReposDomainAppear Int layer String baseImage String imageLink String registryName String project String resourceGroup String cloudResourceTags String location String locationLink String parameter String test String cvss Float evidence String request String response String dastUrl String method String parameterType String value String cluster String type String cloudType String k8sType String consoleLink String name String subscriptionId String stringifiedClusters String aggStatus String falsePositive FalsePositive cbomId String prDeatils PullRequest triage Triage

additionalTabs [AdditionalTab]

Additional tabs containing aggregated or supplemental information

type String aggItems [AggItem]

issueDetailsHeaders [IssueDetailsTabs]

Headers for issue details tabs

id String label String featureFlag String

compliance [ComplianceItem]

Compliance-related information linked to the issue

standard String standardLink String control String category String description String categoryLink String controlLink String

sbom SbomLib

Software Bill of Materials (SBOM) information

id String references [SbomReference] appType String language String libId String libraryName String libraryVersion String license String appName String location String dependencyType String source String appId String locationLink String appLink String pkgName String copyWriteInfo [String] copyWriteInfoLink String libLink String vulnerabilityCounts IssuesBySeverity triggerPackage String vulnerabilities [SCAVulnerability] latestVersion String latestVersionDate String stars Int forks Int openIssues Int packageManager String packageManagerLink String maintainers Int contributors Int downloads Int sourceLink String notPopular Boolean licenseIssue Boolean malicious Boolean malwareType String osVname String notMaintained Boolean isDeprecated Boolean notImported Boolean notUsed Boolean notUpdated Boolean dependencyLevel Int requestId String licenseLink String artifactInSbomLibs [ArtifactInSbomLibs] sha String maintainersList [Maintainer] runtimeStatus String usedVersionReleaseDate String projectDescription String

dependencyGraph SbomDependencyGraphResponse

Dependency graph data for the issue

nodes [DependencyNode] allNodes [DependencyNode] edges [DependencyEdge] allEdges [DependencyEdge]

groupId String

Group identifier for grouped issues

name String

Name of the issue

mainTitle String

Primary title of the issue

secondTitle String

Secondary title of the issue

scanId String

Scan identifier where the issue was detected

created Float ⚠️

Deprecated: Use createdAt instead

sla SlaData

Service Level Agreement (SLA) data for the issue

daysPastSLA Float status SlaStatus

issueUpdatedAt Float

Timestamp when the issue was last updated

scanDate Float

Scan date when the issue was detected

description String

Detailed description of the issue

impact String

Impact description of the issue

exposure String

Exposure description of the issue

severity String

Severity level of the issue

owners [String]

List of owners associated with the issue

ownerEmails [String]

Email addresses of the owners

occurrences Int

Number of occurrences of the issue

score IssueScore

Score assigned to the issue based on severity and other factors

value Float comments String

orgConScore Float

connector String

Connector name associated with the issue

learnMore [String]

List of URLs for further information about the issue

extraInfo [ExtraInfo]

Extra information related to the issue

key String val String value String snippet ExtraInfoSnippet link String callBranch [String] iconLink String tags [String]

resource IssueResource

Resource details associated with the issue

id String type String

appName String

Full application name

app IAppsInfo

Application information associated with the issue

id String name String businessPriority Float riskScore Float secPosture Float type String typeComments String applicationFlows ApplicationFlow fakeApp Boolean originBranchName String repoId String organization String repoName String owners [OwnerInfo] credentialsId String lastCodeChange String createdAt String publicVisibility Boolean branch String

policy IPolicy

Policy data associated with the issue

id String name String detailedDescription String

issueId String

Unique identifier for the issue instance

category ICategory

Category information for the issue

name String categoryId Int subCategoryName String subCategoryComment String

aggregations IAggregations

Aggregation data for the issue

type String summary IAggSummary columns IAggColumns items [AggItem]

recommendation String

Recommended remediation for the issue

violationInfoTitle String

Title for violation information

sourceTools [String]

Source tools that reported the issue

ruleId String

Rule identifier associated with the issue

fixes PolicyFix

Fix information for the issue

settingType String tooltip String description String warning String confirmation String inputs [FixInput]

fixAppliedDeatils FixAppliedDeatils

Details about applied fixes

appliedBy String appliedDate Date

cwe [String]

Common Weakness Enumeration (CWE) identifiers associated with the issue

fixLink String

Link to the fix for the issue

cweList [CweList]

List of CWE items related to the issue

name String description String url String

dependencyChain [String]

Dependency chain for the issue

publicExploitLink String

Link to public exploit related to the issue, if available

createdAt Float

Original creation date of the issue, based on scan history

tickets [Ticket]

List of tickets associated with the issue

provider Provider ticketId String createdBy String issueId String issueName String appName String appId String category String assignee String reporter String link String project String issueType String key String

slackNotification [SlackNotification]

Slack notifications related to the issue

channelName String timestamp String

messages [IssueMessage]

Messages or comments related to the issue

messagingVendor MessagingVendorsTypes recipients [Recipient] createdAt Date

fixIssue FixIssue

Information about available fixes for the issue

fixType String fixTitle String fixDescription String isFixApplied Boolean fixAppliedBy String sourceControlType String fixDate Date

requestContent String

DAST Request content

responseContent String

DAST Response content

autoFix FixIssue

Automatic fix information

fixType String fixTitle String fixDescription String isFixApplied Boolean fixAppliedBy String sourceControlType String fixDate Date

lowerSeverityReason [String]

Reasons for lowering the severity of the issue

severityChange String

Explanation for severity change

originalToolSeverity String

Original severity reported by the tool

scaVulnerabilities [SCAVulnerability]

Software Composition Analysis (SCA) vulnerabilities associated with the issue

issueId String oxSeverity String severityNumberFromTool String severityFromTool String cve String cveLink String cvsVer String cvssVersion Float epss Float percentile Float libName String dependencyChain String runtimeStatus String libVersion String chainDepth Int exploitInTheWild Boolean exploitInTheWildLink String description String dateDiscovered String minorVerWithFix String majorVerWithFix String exploitRequirement String exploitCode String originalSeverity String

dependencyGraphNodes [DependencyNode]

Nodes in the dependency graph

id String name String width String height String vulnerable Boolean

dependencyGraphEdges [DependencyEdge]

Edges in the dependency graph

v String w String

scaTriggerPkg String

Trigger package for SCA vulnerability detection

scaTriggerPkgs [TriggerPackage]

List of trigger packages for SCA vulnerabilities

scaTriggerPkg String fileName String

pkgSemanticVersion String

Semantic version of the package associated with the issue

graphExist Boolean ⚠️

Deprecated: This field is not used anymore

indirectSupported Boolean ⚠️

Deprecated: This field is not used anymore

severityChangeReason [String]

Severity Factors

severityChangedReason [SeverityChangedReason]

Detailed reasons for severity change

changeNumber Float withoutAutoNumbering Boolean evidenceLabel String reason String shortName String changeCategory String extraInfo [SeverityChangedExtraInfo] extraInfoContainer [ExtraInfoContainer] order Int

aggSeverityExplanation String

Explanation for the aggregation level severity change

aggSFsForCalcDisplay [SeverityChangedReason]

Aggregations level severity factors that affect issue level severity

changeNumber Float withoutAutoNumbering Boolean evidenceLabel String reason String shortName String changeCategory String extraInfo [SeverityChangedExtraInfo] extraInfoContainer [ExtraInfoContainer] order Int

resolvedIssueDate Float

Resolved issue date for fixed issues

isPRAvailable Boolean

Indicates if a Pull Request (PR) is available for the issue

cicdFields CICDFields

CICD-specific fields for the issue

issueStatus CICDIssueStatus sourceBranch String targetBranch String isBlocking Boolean jobId String jobTriggeredAt String jobTriggeredAtDate Float jobTriggeredBy String jobTriggeredReason String jobUrl String pullRequestId String pullRequestUrl String enforcement String excludedByAlert Boolean cicdEventType String workflows [OxWorkflow]

comment String

User comment on the issue

excludedByAlert Boolean

Indicates if the issue is excluded by alert

excludedByPolicy Boolean

Indicates if the issue is excluded by policy

excludedByApp Boolean

Indicates if the issue is excluded by application

countRule CountRule

Count rule based on occurrences in policy

exclusionId String

Exclusion identifier for snoozed or reappearing issues

languageInfo LanguageInfo

Language information where the issue was found

name String version String

isMonoRepoChild Boolean

Indicates if the issue belongs to a monorepo child

monoRepoParent String

Identifier for the monorepo parent

isFixAvailable Boolean

Indicates if a fix is available for the issue

isFixApplied Boolean

Indicates if a fix has been applied

isGPTFixAvailable Boolean

Indicates if a GPT-generated fix is available

oscarData [OscarItem]

OSCAR data associated with the issue

name String description String url String id String

gptInfo GPTInfo

GPT information related to the issue

gptResponse String user String createdAt Date

prDeatils PullRequest

Pull request details for the issue

sourceControlType String issueId String appId String repo String prId String prURL String prBranchName String commitMessage String commiter String comment String date Date prTitle String prBody String prStatus String prApprover String prReviewer String prMergeTime Date

tags [AppTag]

Tags associated with the application

tagId String name String email String displayName String tagType OxTagType createdBy String purpose String deploymentModel String tagCategory String

originalSeverity Int

Original severity level before overrides

overrideSeverity Boolean

Indicates if the severity has been overridden

isFalsePositive Boolean

Indicates if the issue is marked as a false positive

falsePositiveComment String

Comment for marking the issue as a false positive

isCanceledFalsePositive Boolean

Indicates if the issue is marked as a canceled false positive

cancelFalsePositiveComment String

Comment for marking the issue as a canceled false positive

falsePositiveDetails FalsePositiveDetails

Detailed information about the false positive status on issue level

canceledBy String reportedBy String commentWhenCanceled String aggregationsStatus String

issueStatus IssueStatus

Status of the issue (open, resolved, etc.)

scanIssueStatus IssueStatus

Issue status based on the scan

resolvedReason String

Reason for issue resolution

resolvedDetails String

resolvedReasonDetails ReasonDetails

Additional details for the resolved reason

description String

disappearedReason String

Additional information about why the issue disappeared

disappearedDetails String

Detailed information about the reason for disappearance

disappearedReasonDetails ReasonDetails

Detailed reason data for the disappearance of the issue

description String

disappearedDate Float

Timestamp when the issue disappeared

correlatedIssueId String

Identifier for correlated issues across scans

correlatedRegistry String

Registry associated with the correlated issue

scaFixType ScaFixType

Type of fix available for Software Composition Analysis (SCA) issues

previousSeverity PrevSeverity

Previous severity before any changes were applied

severity String severityChangedDate Date

version String

Version of the package or component associated with the issue

severityFactorsDiff [SeverityFactorsDiff]

Difference in severity factors between scans

shortName String change Float status SeverityFactorStatus

exposedByApiItems [ExposedByApiItem]

Items that expose the issue through APIs

apiId String codeLocations [CodeLocation]

originBranchName String

Branch name where the issue was found

exclusionComment String

Comment provided for excluding the issue

exclusionExpiredAt Date

Timestamp indicating when the exclusion expires

problematicPkg String

Problematic package associated with the issue

serverlessDeploymentOperation ServerlessDeploymentOperation

Serverless deployment operation details

userIdentity ServerlessDeploymentUserIdentity deploymentTime String sourceIPAddress String userAgent String connectedFromConsole String location String linkToCode String functionName String functionArn String internalFunctionName String cloudRegion String version String revisionId String codeSha256 String entryPoint String codeSize Int memorySize Int timeout Int runtime String runtimeVersionConfig ServerlessDeploymentRuntimeVersionConfig architectures [String] role String recipientAccountId String description String

eventFromExternalTool Boolean

Indicates if the issue is from an external tool

issueOwners [IOwner]

List of owners associated with the issue

name String email String

cveExclusions [RecommendedExclusions]

cve exclusions associated with the issue

label String recommended Boolean tooltip String type String id String oxRuleId String level String excludeBy [String] uidOnly Boolean isDefault Boolean ffKey String exclusionScope String

Last updated