getSingleIssueInfo

Retrieves detailed information about a specific security issue by its identifier. Provides comprehensive data about a single issue including its metadata, severity, related resources, and remediation details.

Examples

query GetSingleIssueInfo($getSingleIssueInput: SingleIssueInput) {
  getSingleIssueInfo(getSingleIssueInput: $getSingleIssueInput) {
    importantSeverityBreakdown
    overrideSeverityReason
    highestOXCVESeverity
    latestCommit {
      date
      commitLink
      match
      snippet
      snippetLineNumber
    }
    additionalTabs {
      type
      aggItems {
        callBranch
        linkToExternalProduct
        stars
        forks
        downloads
        vulBySeverity
        nameAndVer
        sourceRepoName
        sourceRepoLink
        sourceCreationDate
        sourceLastModifyDate
        destinationRepoName
        destinationRepoLink
        destinationCreationDate
        destinationLastModifyDate
        destinationRepoVisibility
        reasons
        _id
        url
        additionalToolData
        events
        allEvents
        pushType
        sha
        title
        link
        mergedBy
        date
        fileCount
        diffInDays
        reviewers
        user
        userLink
        userAvatar
        devOperation
        devOperationDate
        adminOperation
        adminOperationDate
        reviewOperation
        reviewOperationDate
        orgRole
        earliestActivityDate
        repoPermissions
        adminLocation
        email
        pullRequestsCount
        diffFromNowToCreatedAtInDays
        username
        accessLevel
        createdAt
        lastAccess
        fileName
        fileUri
        startLine
        endLine
        match
        snippet
        commitLink
        commitBy
        region
        eduVideoLink
        resource
        service
        accountName
        cloudEnv
        secret
        image
        imageCreatedAt
        pkgCount
        dockerVer
        os
        binariesCount
        tag
        reputation
        sha256
        size
        pushedAt
        source
        ruleId
        realMatch
        excludedByAlert
        filePath
        lockfile
        accountId
        snippetLineNumber
        language
        daysOpen
        isFixAvailable
        aggId
        pkgName
        installedVersion
        fixedVersion
        triggerPkgName
        triggerPkgVersion
        triggerPkgUpgradeVersion
        dependencyType
        branch
        hashAggId
        repo
        repoCreator
        lastCodeDate
        lastAdminOperation
        exclusionId
        numberOfReposDomainAppear
        layer
        baseImage
        imageLink
        registryName
        project
        resourceGroup
        location
        parameter
        test
        cvss
        evidence
        dastUrl
        method
        parameterType
        value
        cluster
        type
        cloudType
        k8sType
        consoleLink
        name
        subscriptionId
        stringifiedClusters
        aggStatus
        falsePositive {
          isFalsePositive
          comment
          reportedBy
          reportedAt
          isCanceled
          cancelComment
          canceledBy
          canceledAt
          commentWhenCanceled
        }
      }
    }
    issueDetailsHeaders {
      id
      label
      featureFlag
    }
    compliance {
      standard
      standardLink
      control
      category
      description
      categoryLink
      controlLink
    }
    sbom {
      id
      references {
        triggerPackage
        location
        locationLink
        dependencyType
        dependencyLevel
        commit {
          commitedAt
          committerName
          committerEmail
        }
        fileName
      }
      language
      libraryName
      libraryVersion
      license
      appName
      location
      dependencyType
      source
      appId
      locationLink
      appLink
      pkgName
      copyWriteInfo
      copyWriteInfoLink
      libLink
      vulnerabilityCounts {
        appox
        critical
        high
        medium
        low
        info
      }
      triggerPackage
      vulnerabilities {
        issueId
        oxSeverity
        severityNumberFromTool
        severityFromTool
        cve
        cveLink
        cvsVer
        cvssVersion
        epss
        percentile
        libName
        dependencyChain
        libVersion
        chainDepth
        exploitInTheWild
        exploitInTheWildLink
        description
        dateDiscovered
        minorVerWithFix
        majorVerWithFix
        exploitRequirement
        exploitCode
        originalSeverity
      }
      latestVersion
      latestVersionDate
      stars
      forks
      openIssues
      packageManager
      packageManagerLink
      maintainers
      contributors
      downloads
      sourceLink
      notPopular
      licenseIssue
      malicious
      malwareType
      osVname
      notMaintained
      isDeprecated
      notImported
      notUpdated
      dependencyLevel
      requestId
      licenseLink
      artifactInSbomLibs {
        image
        imageLink
        imageCreatedAt
        sha
        os
        osVersion
        baseImage
        baseImageVersion
        tag
        layer
        registryName
        source
      }
      sha
      maintainersList {
        name
        email
      }
    }
    dependencyGraph {
      nodes {
        id
        name
        width
        height
        vulnerable
      }
      allNodes {
        id
        name
        width
        height
        vulnerable
      }
      edges {
        v
        w
      }
      allEdges {
        v
        w
      }
    }
    groupId
    name
    mainTitle
    secondTitle
    scanId
    sla {
      daysPastSLA
      status
    }
    issueUpdatedAt
    scanDate
    description
    impact
    severity
    owners
    ownerEmails
    occurrences
    score {
      value
      comments
    }
    orgConScore
    connector
    learnMore
    extraInfo {
      key
      val
      value
    }
    resource {
      id
      type
    }
    app {
      id
      name
      businessPriority
      riskScore
      secPosture
      type
      typeComments
      applicationFlows {
        artifacts {
          type
          name
          hashType
          system
          subType
          hash
          size
          date
          location {
            runBy
            foundBy
            foundIn
            link
          }
          linkName
          k8sType
          cluster
          region
        }
        cloudDeployments {
          type
          subType
          name
          hash
          hashType
          link
          location {
            runBy
            foundBy
            foundIn
            link
          }
          k8sType
          imageName
          date
          cluster
          region
        }
        cicdInfo {
          type
          system
          latestDate
          lastMonthJobCount
          location {
            runBy
            foundBy
            foundIn
            link
          }
        }
        orchestrators {
          type
          name
          hashType
          system
          hash
          size
          date
          location {
            runBy
            foundBy
            foundIn
            link
          }
        }
        kubernetes {
          type
          name
          hashType
          system
          hash
          subType
          size
          date
          location {
            runBy
            foundBy
            foundIn
            link
          }
        }
        repository {
          type
          system
          date
          location {
            runBy
            foundBy
            foundIn
            link
          }
        }
      }
      fakeApp
      originBranchName
      repoId
      organization
      repoName
      owners {
        name
        email
        roles
      }
      credentialsId
    }
    policy {
      id
      name
      detailedDescription
    }
    issueId
    category {
      name
      categoryId
      subCategoryName
      subCategoryComment
    }
    aggregations {
      type
      summary {
        summary
        comment
      }
      columns {
        columns {
          header
          key
          tooltip
          href
          type
        }
        comment
      }
      items {
        callBranch
        linkToExternalProduct
        stars
        forks
        downloads
        vulBySeverity
        nameAndVer
        sourceRepoName
        sourceRepoLink
        sourceCreationDate
        sourceLastModifyDate
        destinationRepoName
        destinationRepoLink
        destinationCreationDate
        destinationLastModifyDate
        destinationRepoVisibility
        reasons
        _id
        url
        additionalToolData
        events
        allEvents
        pushType
        sha
        title
        link
        mergedBy
        date
        fileCount
        diffInDays
        reviewers
        user
        userLink
        userAvatar
        devOperation
        devOperationDate
        adminOperation
        adminOperationDate
        reviewOperation
        reviewOperationDate
        orgRole
        earliestActivityDate
        repoPermissions
        adminLocation
        email
        pullRequestsCount
        diffFromNowToCreatedAtInDays
        username
        accessLevel
        createdAt
        lastAccess
        fileName
        fileUri
        startLine
        endLine
        match
        snippet
        commitLink
        commitBy
        region
        eduVideoLink
        resource
        service
        accountName
        cloudEnv
        secret
        image
        imageCreatedAt
        pkgCount
        dockerVer
        os
        binariesCount
        tag
        reputation
        sha256
        size
        pushedAt
        source
        ruleId
        realMatch
        excludedByAlert
        filePath
        lockfile
        accountId
        snippetLineNumber
        language
        daysOpen
        isFixAvailable
        aggId
        pkgName
        installedVersion
        fixedVersion
        triggerPkgName
        triggerPkgVersion
        triggerPkgUpgradeVersion
        dependencyType
        branch
        hashAggId
        repo
        repoCreator
        lastCodeDate
        lastAdminOperation
        exclusionId
        numberOfReposDomainAppear
        layer
        baseImage
        imageLink
        registryName
        project
        resourceGroup
        location
        parameter
        test
        cvss
        evidence
        dastUrl
        method
        parameterType
        value
        cluster
        type
        cloudType
        k8sType
        consoleLink
        name
        subscriptionId
        stringifiedClusters
        aggStatus
        falsePositive {
          isFalsePositive
          comment
          reportedBy
          reportedAt
          isCanceled
          cancelComment
          canceledBy
          canceledAt
          commentWhenCanceled
        }
      }
    }
    recommendation
    violationInfoTitle
    sourceTools
    ruleId
    fixes {
      settingType
      tooltip
      description
      warning
      confirmation
      inputs {
        type
        name
        options {
          name
          selected
          metadata
          info
          displayName
          isDisabled
        }
        multiSelect
        maxSelect
        minSelect
        displayName
      }
    }
    fixAppliedDeatils {
      appliedBy
      appliedDate
    }
    cwe
    fixLink
    cweList {
      name
      description
      url
    }
    dependencyChain
    publicExploitLink
    createdAt
    tickets {
      provider
      ticketId
      createdBy
      issueId
      issueName
      appName
      appId
      category
      assignee
      reporter
      link
      project
      issueType
      key
    }
    slackNotification {
      channelName
      timestamp
    }
    messages {
      messagingVendor
      recipients {
        name
        id
        type
      }
      createdAt
    }
    fixIssue {
      fixType
      fixTitle
      fixDescription
      isFixApplied
      fixAppliedBy
      sourceControlType
      fixDate
    }
    requestContent
    responseContent
    autoFix {
      fixType
      fixTitle
      fixDescription
      isFixApplied
      fixAppliedBy
      sourceControlType
      fixDate
    }
    lowerSeverityReason
    severityChange
    originalToolSeverity
    scaVulnerabilities {
      issueId
      oxSeverity
      severityNumberFromTool
      severityFromTool
      cve
      cveLink
      cvsVer
      cvssVersion
      epss
      percentile
      libName
      dependencyChain
      libVersion
      chainDepth
      exploitInTheWild
      exploitInTheWildLink
      description
      dateDiscovered
      minorVerWithFix
      majorVerWithFix
      exploitRequirement
      exploitCode
      originalSeverity
    }
    dependencyGraphNodes {
      id
      name
      width
      height
      vulnerable
    }
    dependencyGraphEdges {
      v
      w
    }
    scaTriggerPkg
    scaTriggerPkgs {
      scaTriggerPkg
      fileName
    }
    pkgSemanticVersion
    severityChangeReason
    severityChangedReason {
      changeNumber
      withoutAutoNumbering
      evidenceLabel
      reason
      shortName
      changeCategory
      extraInfo {
        key
        value
        link
        snippet {
          snippetLineNumber
          language
          text
          fileName
        }
        iconLink
        callBranch
      }
      extraInfoContainer {
        layerSha
        layerNum
        artifactName
        sha
        registryName
      }
    }
    resolvedIssueDate
    isPRAvailable
    cicdFields {
      issueStatus
      sourceBranch
      targetBranch
      jobId
      jobTriggeredAt
      jobTriggeredAtDate
      jobTriggeredBy
      jobTriggeredReason
      jobUrl
      pullRequestId
      pullRequestUrl
      enforcement
      excludedByAlert
      cicdEventType
    }
    comment
    excludedByAlert
    excludedByPolicy
    excludedByApp
    countRule
    exclusionId
    languageInfo {
      name
      version
    }
    isMonoRepoChild
    monoRepoParent
    isFixAvailable
    isFixApplied
    isGPTFixAvailable
    oscarData {
      name
      description
      url
      id
    }
    gptInfo {
      gptResponse
      user
      createdAt
    }
    prDeatils {
      sourceControlType
      issueId
      appId
      repo
      prId
      prURL
      prBranchName
      commitMessage
      commiter
      comment
      date
      prTitle
      prBody
      prStatus
      prApprover
      prReviewer
      prMergeTime
    }
    tags {
      tagId
      name
      email
      displayName
      tagType
      createdBy
      purpose
      deploymentModel
    }
    originalSeverity
    overrideSeverity
    isFalsePositive
    falsePositiveComment
    isCanceledFalsePositive
    cancelFalsePositiveComment
    falsePositiveDetails {
      isAggregationsMixed
      canceledBy
      reportedBy
      commentWhenCanceled
      aggregationsStatus
    }
    issueStatus
    scanIssueStatus
    resolvedReason
    resolvedDetails
    resolvedReasonDetails {
      description
    }
    disappearedReason
    disappearedDetails
    disappearedReasonDetails {
      description
    }
    disappearedDate
    correlatedIssueId
    correlatedRegistry
    scaFixType
    previousSeverity {
      severity
      severityChangedDate
    }
    version
    severityFactorsDiff {
      shortName
      change
      status
    }
    exposedByApiItems {
      apiId
      codeLocations {
        link
        callBranch
      }
    }
    originBranchName
    exclusionComment
    exclusionExpiredAt
    problematicPkg
    serverlessDeploymentOperation {
      userIdentity {
        type
        principalId
        arn
        accountId
        accessKeyId
        sessionContext {
          sessionIssuer {
            type
            principalId
            arn
            accountId
            userName
          }
          attributes {
            creationDate
            mfaAuthenticated
          }
        }
      }
      deploymentTime
      sourceIPAddress
      userAgent
      connectedFromConsole
      location
      linkToCode
      functionName
      functionArn
      internalFunctionName
      cloudRegion
      version
      revisionId
      codeSha256
      entryPoint
      codeSize
      memorySize
      timeout
      runtime
      runtimeVersionConfig {
        runtimeVersionArn
      }
      architectures
      role
      recipientAccountId
      description
    }
  }
}

Variables

This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.

{
  "getSingleIssueInput": {
    "issueId": "30966426-oxPolicy_securityCloudScan_100-example"
  }
}

curl -X POST \
https://api.cloud.ox.security/api/apollo-gateway \
-H 'Content-Type: application/json' \
-H 'Authorization: YOUR_API_TOKEN' \
-d '{
 "query": "query GetSingleIssueInfo($getSingleIssueInput: SingleIssueInput) { getSingleIssueInfo(getSingleIssueInput: $getSingleIssueInput) { importantSeverityBreakdown overrideSeverityReason highestOXCVESeverity latestCommit { date commitLink match snippet snippetLineNumber } additionalTabs { type aggItems { callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy region eduVideoLink resource service accountName cloudEnv secret image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup location parameter test cvss evidence dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } } } issueDetailsHeaders { id label featureFlag } compliance { standard standardLink control category description categoryLink controlLink } sbom { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } } dependencyGraph { nodes { id name width height vulnerable } allNodes { id name width height vulnerable } edges { v w } allEdges { v w } } groupId name mainTitle secondTitle scanId sla { daysPastSLA status } issueUpdatedAt scanDate description impact severity owners ownerEmails occurrences score { value comments } orgConScore connector learnMore extraInfo { key val value } resource { id type } app { id name businessPriority riskScore secPosture type typeComments applicationFlows { artifacts { type name hashType system subType hash size date location { runBy foundBy foundIn link } linkName k8sType cluster region } cloudDeployments { type subType name hash hashType link location { runBy foundBy foundIn link } k8sType imageName date cluster region } cicdInfo { type system latestDate lastMonthJobCount location { runBy foundBy foundIn link } } orchestrators { type name hashType system hash size date location { runBy foundBy foundIn link } } kubernetes { type name hashType system hash subType size date location { runBy foundBy foundIn link } } repository { type system date location { runBy foundBy foundIn link } } } fakeApp originBranchName repoId organization repoName owners { name email roles } credentialsId } policy { id name detailedDescription } issueId category { name categoryId subCategoryName subCategoryComment } aggregations { type summary { summary comment } columns { columns { header key tooltip href type } comment } items { callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy region eduVideoLink resource service accountName cloudEnv secret image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup location parameter test cvss evidence dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } } } recommendation violationInfoTitle sourceTools ruleId fixes { settingType tooltip description warning confirmation inputs { type name options { name selected metadata info displayName isDisabled } multiSelect maxSelect minSelect displayName } } fixAppliedDeatils { appliedBy appliedDate } cwe fixLink cweList { name description url } dependencyChain publicExploitLink createdAt tickets { provider ticketId createdBy issueId issueName appName appId category assignee reporter link project issueType key } slackNotification { channelName timestamp } messages { messagingVendor recipients { name id type } createdAt } fixIssue { fixType fixTitle fixDescription isFixApplied fixAppliedBy sourceControlType fixDate } requestContent responseContent autoFix { fixType fixTitle fixDescription isFixApplied fixAppliedBy sourceControlType fixDate } lowerSeverityReason severityChange originalToolSeverity scaVulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } dependencyGraphNodes { id name width height vulnerable } dependencyGraphEdges { v w } scaTriggerPkg scaTriggerPkgs { scaTriggerPkg fileName } pkgSemanticVersion severityChangeReason severityChangedReason { changeNumber withoutAutoNumbering evidenceLabel reason shortName changeCategory extraInfo { key value link snippet { snippetLineNumber language text fileName } iconLink callBranch } extraInfoContainer { layerSha layerNum artifactName sha registryName } } resolvedIssueDate isPRAvailable cicdFields { issueStatus sourceBranch targetBranch jobId jobTriggeredAt jobTriggeredAtDate jobTriggeredBy jobTriggeredReason jobUrl pullRequestId pullRequestUrl enforcement excludedByAlert cicdEventType } comment excludedByAlert excludedByPolicy excludedByApp countRule exclusionId languageInfo { name version } isMonoRepoChild monoRepoParent isFixAvailable isFixApplied isGPTFixAvailable oscarData { name description url id } gptInfo { gptResponse user createdAt } prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } tags { tagId name email displayName tagType createdBy purpose deploymentModel } originalSeverity overrideSeverity isFalsePositive falsePositiveComment isCanceledFalsePositive cancelFalsePositiveComment falsePositiveDetails { isAggregationsMixed canceledBy reportedBy commentWhenCanceled aggregationsStatus } issueStatus scanIssueStatus resolvedReason resolvedDetails resolvedReasonDetails { description } disappearedReason disappearedDetails disappearedReasonDetails { description } disappearedDate correlatedIssueId correlatedRegistry scaFixType previousSeverity { severity severityChangedDate } version severityFactorsDiff { shortName change status } exposedByApiItems { apiId codeLocations { link callBranch } } originBranchName exclusionComment exclusionExpiredAt problematicPkg serverlessDeploymentOperation { userIdentity { type principalId arn accountId accessKeyId sessionContext { sessionIssuer { type principalId arn accountId userName } attributes { creationDate mfaAuthenticated } } } deploymentTime sourceIPAddress userAgent connectedFromConsole location linkToCode functionName functionArn internalFunctionName cloudRegion version revisionId codeSha256 entryPoint codeSize memorySize timeout runtime runtimeVersionConfig { runtimeVersionArn } architectures role recipientAccountId description } } }",
 "variables": {
    "getSingleIssueInput": {
      "issueId": "30966426-oxPolicy_securityCloudScan_100-example"
    }
  }
}'

const query = 'query GetSingleIssueInfo($getSingleIssueInput: SingleIssueInput) { getSingleIssueInfo(getSingleIssueInput: $getSingleIssueInput) { importantSeverityBreakdown overrideSeverityReason highestOXCVESeverity latestCommit { date commitLink match snippet snippetLineNumber } additionalTabs { type aggItems { callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy region eduVideoLink resource service accountName cloudEnv secret image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup location parameter test cvss evidence dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } } } issueDetailsHeaders { id label featureFlag } compliance { standard standardLink control category description categoryLink controlLink } sbom { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } } dependencyGraph { nodes { id name width height vulnerable } allNodes { id name width height vulnerable } edges { v w } allEdges { v w } } groupId name mainTitle secondTitle scanId sla { daysPastSLA status } issueUpdatedAt scanDate description impact severity owners ownerEmails occurrences score { value comments } orgConScore connector learnMore extraInfo { key val value } resource { id type } app { id name businessPriority riskScore secPosture type typeComments applicationFlows { artifacts { type name hashType system subType hash size date location { runBy foundBy foundIn link } linkName k8sType cluster region } cloudDeployments { type subType name hash hashType link location { runBy foundBy foundIn link } k8sType imageName date cluster region } cicdInfo { type system latestDate lastMonthJobCount location { runBy foundBy foundIn link } } orchestrators { type name hashType system hash size date location { runBy foundBy foundIn link } } kubernetes { type name hashType system hash subType size date location { runBy foundBy foundIn link } } repository { type system date location { runBy foundBy foundIn link } } } fakeApp originBranchName repoId organization repoName owners { name email roles } credentialsId } policy { id name detailedDescription } issueId category { name categoryId subCategoryName subCategoryComment } aggregations { type summary { summary comment } columns { columns { header key tooltip href type } comment } items { callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy region eduVideoLink resource service accountName cloudEnv secret image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup location parameter test cvss evidence dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } } } recommendation violationInfoTitle sourceTools ruleId fixes { settingType tooltip description warning confirmation inputs { type name options { name selected metadata info displayName isDisabled } multiSelect maxSelect minSelect displayName } } fixAppliedDeatils { appliedBy appliedDate } cwe fixLink cweList { name description url } dependencyChain publicExploitLink createdAt tickets { provider ticketId createdBy issueId issueName appName appId category assignee reporter link project issueType key } slackNotification { channelName timestamp } messages { messagingVendor recipients { name id type } createdAt } fixIssue { fixType fixTitle fixDescription isFixApplied fixAppliedBy sourceControlType fixDate } requestContent responseContent autoFix { fixType fixTitle fixDescription isFixApplied fixAppliedBy sourceControlType fixDate } lowerSeverityReason severityChange originalToolSeverity scaVulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } dependencyGraphNodes { id name width height vulnerable } dependencyGraphEdges { v w } scaTriggerPkg scaTriggerPkgs { scaTriggerPkg fileName } pkgSemanticVersion severityChangeReason severityChangedReason { changeNumber withoutAutoNumbering evidenceLabel reason shortName changeCategory extraInfo { key value link snippet { snippetLineNumber language text fileName } iconLink callBranch } extraInfoContainer { layerSha layerNum artifactName sha registryName } } resolvedIssueDate isPRAvailable cicdFields { issueStatus sourceBranch targetBranch jobId jobTriggeredAt jobTriggeredAtDate jobTriggeredBy jobTriggeredReason jobUrl pullRequestId pullRequestUrl enforcement excludedByAlert cicdEventType } comment excludedByAlert excludedByPolicy excludedByApp countRule exclusionId languageInfo { name version } isMonoRepoChild monoRepoParent isFixAvailable isFixApplied isGPTFixAvailable oscarData { name description url id } gptInfo { gptResponse user createdAt } prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } tags { tagId name email displayName tagType createdBy purpose deploymentModel } originalSeverity overrideSeverity isFalsePositive falsePositiveComment isCanceledFalsePositive cancelFalsePositiveComment falsePositiveDetails { isAggregationsMixed canceledBy reportedBy commentWhenCanceled aggregationsStatus } issueStatus scanIssueStatus resolvedReason resolvedDetails resolvedReasonDetails { description } disappearedReason disappearedDetails disappearedReasonDetails { description } disappearedDate correlatedIssueId correlatedRegistry scaFixType previousSeverity { severity severityChangedDate } version severityFactorsDiff { shortName change status } exposedByApiItems { apiId codeLocations { link callBranch } } originBranchName exclusionComment exclusionExpiredAt problematicPkg serverlessDeploymentOperation { userIdentity { type principalId arn accountId accessKeyId sessionContext { sessionIssuer { type principalId arn accountId userName } attributes { creationDate mfaAuthenticated } } } deploymentTime sourceIPAddress userAgent connectedFromConsole location linkToCode functionName functionArn internalFunctionName cloudRegion version revisionId codeSha256 entryPoint codeSize memorySize timeout runtime runtimeVersionConfig { runtimeVersionArn } architectures role recipientAccountId description } } }';

fetch("https://api.cloud.ox.security/api/apollo-gateway", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "Authorization": "YOUR_API_TOKEN"
  },
  body: JSON.stringify({
    query: query,
    // This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
    variables: {
      getSingleIssueInput: {
        issueId: "30966426-oxPolicy_securityCloudScan_100-example"
      }
    }
  })
})
.then(response => response.json())
.then(result => console.log(JSON.stringify(result, null, 2)))
.catch(error => console.error('Error:', error));

import requests

query = 'query GetSingleIssueInfo($getSingleIssueInput: SingleIssueInput) { getSingleIssueInfo(getSingleIssueInput: $getSingleIssueInput) { importantSeverityBreakdown overrideSeverityReason highestOXCVESeverity latestCommit { date commitLink match snippet snippetLineNumber } additionalTabs { type aggItems { callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy region eduVideoLink resource service accountName cloudEnv secret image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup location parameter test cvss evidence dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } } } issueDetailsHeaders { id label featureFlag } compliance { standard standardLink control category description categoryLink controlLink } sbom { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } } dependencyGraph { nodes { id name width height vulnerable } allNodes { id name width height vulnerable } edges { v w } allEdges { v w } } groupId name mainTitle secondTitle scanId sla { daysPastSLA status } issueUpdatedAt scanDate description impact severity owners ownerEmails occurrences score { value comments } orgConScore connector learnMore extraInfo { key val value } resource { id type } app { id name businessPriority riskScore secPosture type typeComments applicationFlows { artifacts { type name hashType system subType hash size date location { runBy foundBy foundIn link } linkName k8sType cluster region } cloudDeployments { type subType name hash hashType link location { runBy foundBy foundIn link } k8sType imageName date cluster region } cicdInfo { type system latestDate lastMonthJobCount location { runBy foundBy foundIn link } } orchestrators { type name hashType system hash size date location { runBy foundBy foundIn link } } kubernetes { type name hashType system hash subType size date location { runBy foundBy foundIn link } } repository { type system date location { runBy foundBy foundIn link } } } fakeApp originBranchName repoId organization repoName owners { name email roles } credentialsId } policy { id name detailedDescription } issueId category { name categoryId subCategoryName subCategoryComment } aggregations { type summary { summary comment } columns { columns { header key tooltip href type } comment } items { callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy region eduVideoLink resource service accountName cloudEnv secret image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup location parameter test cvss evidence dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } } } recommendation violationInfoTitle sourceTools ruleId fixes { settingType tooltip description warning confirmation inputs { type name options { name selected metadata info displayName isDisabled } multiSelect maxSelect minSelect displayName } } fixAppliedDeatils { appliedBy appliedDate } cwe fixLink cweList { name description url } dependencyChain publicExploitLink createdAt tickets { provider ticketId createdBy issueId issueName appName appId category assignee reporter link project issueType key } slackNotification { channelName timestamp } messages { messagingVendor recipients { name id type } createdAt } fixIssue { fixType fixTitle fixDescription isFixApplied fixAppliedBy sourceControlType fixDate } requestContent responseContent autoFix { fixType fixTitle fixDescription isFixApplied fixAppliedBy sourceControlType fixDate } lowerSeverityReason severityChange originalToolSeverity scaVulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } dependencyGraphNodes { id name width height vulnerable } dependencyGraphEdges { v w } scaTriggerPkg scaTriggerPkgs { scaTriggerPkg fileName } pkgSemanticVersion severityChangeReason severityChangedReason { changeNumber withoutAutoNumbering evidenceLabel reason shortName changeCategory extraInfo { key value link snippet { snippetLineNumber language text fileName } iconLink callBranch } extraInfoContainer { layerSha layerNum artifactName sha registryName } } resolvedIssueDate isPRAvailable cicdFields { issueStatus sourceBranch targetBranch jobId jobTriggeredAt jobTriggeredAtDate jobTriggeredBy jobTriggeredReason jobUrl pullRequestId pullRequestUrl enforcement excludedByAlert cicdEventType } comment excludedByAlert excludedByPolicy excludedByApp countRule exclusionId languageInfo { name version } isMonoRepoChild monoRepoParent isFixAvailable isFixApplied isGPTFixAvailable oscarData { name description url id } gptInfo { gptResponse user createdAt } prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } tags { tagId name email displayName tagType createdBy purpose deploymentModel } originalSeverity overrideSeverity isFalsePositive falsePositiveComment isCanceledFalsePositive cancelFalsePositiveComment falsePositiveDetails { isAggregationsMixed canceledBy reportedBy commentWhenCanceled aggregationsStatus } issueStatus scanIssueStatus resolvedReason resolvedDetails resolvedReasonDetails { description } disappearedReason disappearedDetails disappearedReasonDetails { description } disappearedDate correlatedIssueId correlatedRegistry scaFixType previousSeverity { severity severityChangedDate } version severityFactorsDiff { shortName change status } exposedByApiItems { apiId codeLocations { link callBranch } } originBranchName exclusionComment exclusionExpiredAt problematicPkg serverlessDeploymentOperation { userIdentity { type principalId arn accountId accessKeyId sessionContext { sessionIssuer { type principalId arn accountId userName } attributes { creationDate mfaAuthenticated } } } deploymentTime sourceIPAddress userAgent connectedFromConsole location linkToCode functionName functionArn internalFunctionName cloudRegion version revisionId codeSha256 entryPoint codeSize memorySize timeout runtime runtimeVersionConfig { runtimeVersionArn } architectures role recipientAccountId description } } }'

response = requests.post(
  "https://api.cloud.ox.security/api/apollo-gateway",
  headers={
    "Content-Type": "application/json",
    "Authorization": "YOUR_API_TOKEN"
  },
  json={
    "query": query,
    # This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
    "variables": {
      "getSingleIssueInput": {
        "issueId": "30966426-oxPolicy_securityCloudScan_100-example"
      }
    }
  }
)

if response.status_code == 200:
    result = response.json()
    print(result)
else:
    print(f"Error: {response.status_code}")
    print(response.text)

Arguments

You can use the following argument(s) to customize your getSingleIssueInfo query.

Argument

Description

Supported fields

getSingleIssueInput SingleIssueInput

Input containing the unique identifier of the issue to retrieve

issueId String!

Fields

Return type: Issue

You can use the following field(s) to specify what information your getSingleIssueInfo query will return. Please note that some fields may have their own subfields.

Field

Description

Supported fields

importantSeverityBreakdown [String]

Array of severity breakdowns based on important factors

isCVERelated Boolean ⚠️

Deprecated: This field is not used anymore

overrideSeverityReason String

Reason for severity override

highestOXCVESeverity String

Highest severity level associated with the issue based on OX CVE data

latestCommit LatestCommit

Information about the latest commit associated with this issue

date String commitLink String match String snippet String snippetLineNumber Int

additionalTabs [AdditionalTab]

Additional tabs containing aggregated or supplemental information

type String aggItems [AggItem]

issueDetailsHeaders [IssueDetailsTabs]

Headers for issue details tabs

id String label String featureFlag String

compliance [ComplianceItem]

Compliance-related information linked to the issue

standard String standardLink String control String category String description String categoryLink String controlLink String

sbom SbomLib

Software Bill of Materials (SBOM) information

id String references [SbomReference] appType String language String libId String libraryName String libraryVersion String license String appName String location String dependencyType String source String appId String locationLink String appLink String pkgName String copyWriteInfo [String] copyWriteInfoLink String libLink String vulnerabilityCounts IssuesBySeverity triggerPackage String vulnerabilities [SCAVulnerability] latestVersion String latestVersionDate String stars Int forks Int openIssues Int packageManager String packageManagerLink String maintainers Int contributors Int downloads Int sourceLink String notPopular Boolean licenseIssue Boolean malicious Boolean malwareType String osVname String notMaintained Boolean isDeprecated Boolean notImported Boolean notUsed Boolean notUpdated Boolean dependencyLevel Int requestId String licenseLink String artifactInSbomLibs [ArtifactInSbomLibs] sha String maintainersList [Maintainer]

dependencyGraph SbomDependencyGraphResponse

Dependency graph data for the issue

nodes [DependencyNode] allNodes [DependencyNode] edges [DependencyEdge] allEdges [DependencyEdge]

groupId String

Group identifier for grouped issues

name String

Name of the issue

mainTitle String

Primary title of the issue

secondTitle String

Secondary title of the issue

scanId String

Scan identifier where the issue was detected

created Float ⚠️

Deprecated: Use createdAt instead

sla SlaData

Service Level Agreement (SLA) data for the issue

daysPastSLA Float status SlaStatus

issueUpdatedAt Float

Timestamp when the issue was last updated

scanDate Float

Scan date when the issue was detected

description String

Detailed description of the issue

impact String

Impact description of the issue

severity String

Severity level of the issue

owners [String]

List of owners associated with the issue

ownerEmails [String]

Email addresses of the owners

occurrences Int

Number of occurrences of the issue

score IssueScore

Score assigned to the issue based on severity and other factors

value Float comments String

orgConScore Float

connector String

Connector name associated with the issue

learnMore [String]

List of URLs for further information about the issue

extraInfo [ExtraInfo]

Extra information related to the issue

key String val String value String

resource IssueResource

Resource details associated with the issue

id String type String

app IAppsInfo

Application information associated with the issue

id String name String businessPriority Float riskScore Float secPosture Float type String typeComments String applicationFlows ApplicationFlow fakeApp Boolean originBranchName String repoId String organization String repoName String owners [OwnerInfo] credentialsId String

policy IPolicy

Policy data associated with the issue

id String name String detailedDescription String

issueId String

Unique identifier for the issue instance

category ICategory

Category information for the issue

name String categoryId Int subCategoryName String subCategoryComment String

aggregations IAggregations

Aggregation data for the issue

type String summary IAggSummary columns IAggColumns items [AggItem]

recommendation String

Recommended remediation for the issue

violationInfoTitle String

Title for violation information

sourceTools [String]

Source tools that reported the issue

ruleId String

Rule identifier associated with the issue

fixes PolicyFix

Fix information for the issue

settingType String tooltip String description String warning String confirmation String inputs [FixInput]

fixAppliedDeatils FixAppliedDeatils

Details about applied fixes

appliedBy String appliedDate Date

cwe [String]

Common Weakness Enumeration (CWE) identifiers associated with the issue

fixLink String

Link to the fix for the issue

cweList [CweList]

List of CWE items related to the issue

name String description String url String

dependencyChain [String]

Dependency chain for the issue

publicExploitLink String

Link to public exploit related to the issue, if available

createdAt Float

Original creation date of the issue, based on scan history

tickets [Ticket]

List of tickets associated with the issue

provider Provider ticketId String createdBy String issueId String issueName String appName String appId String category String assignee String reporter String link String project String issueType String key String

slackNotification [SlackNotification]

Slack notifications related to the issue

channelName String timestamp String

messages [IssueMessage]

Messages or comments related to the issue

messagingVendor MessagingVendorsTypes recipients [Recipient] createdAt Date

fixIssue FixIssue

Information about available fixes for the issue

fixType String fixTitle String fixDescription String isFixApplied Boolean fixAppliedBy String sourceControlType String fixDate Date

requestContent String

DAST Request content

responseContent String

DAST Response content

autoFix FixIssue

Automatic fix information

fixType String fixTitle String fixDescription String isFixApplied Boolean fixAppliedBy String sourceControlType String fixDate Date

lowerSeverityReason [String]

Reasons for lowering the severity of the issue

severityChange String

Explanation for severity change

originalToolSeverity String

Original severity reported by the tool

scaVulnerabilities [SCAVulnerability]

Software Composition Analysis (SCA) vulnerabilities associated with the issue

issueId String oxSeverity String severityNumberFromTool String severityFromTool String cve String cveLink String cvsVer String cvssVersion Float epss Float percentile Float libName String dependencyChain String libVersion String chainDepth Int exploitInTheWild Boolean exploitInTheWildLink String description String dateDiscovered String minorVerWithFix String majorVerWithFix String exploitRequirement String exploitCode String originalSeverity String

dependencyGraphNodes [DependencyNode]

Nodes in the dependency graph

id String name String width String height String vulnerable Boolean

dependencyGraphEdges [DependencyEdge]

Edges in the dependency graph

v String w String

scaTriggerPkg String

Trigger package for SCA vulnerability detection

scaTriggerPkgs [TriggerPackage]

List of trigger packages for SCA vulnerabilities

scaTriggerPkg String fileName String

pkgSemanticVersion String

Semantic version of the package associated with the issue

graphExist Boolean ⚠️

Deprecated: This field is not used anymore

indirectSupported Boolean ⚠️

Deprecated: This field is not used anymore

severityChangeReason [String]

Severity Factors

severityChangedReason [SeverityChangedReason]

Detailed reasons for severity change

changeNumber Float withoutAutoNumbering Boolean evidenceLabel String reason String shortName String changeCategory String extraInfo [SeverityChangedExtraInfo] extraInfoContainer [ExtraInfoContainer]

resolvedIssueDate Float

Resolved issue date for fixed issues

isPRAvailable Boolean

Indicates if a Pull Request (PR) is available for the issue

cicdFields CICDFields

CICD-specific fields for the issue

issueStatus CICDIssueStatus sourceBranch String targetBranch String isBlocking Boolean jobId String jobTriggeredAt String jobTriggeredAtDate Float jobTriggeredBy String jobTriggeredReason String jobUrl String pullRequestId String pullRequestUrl String enforcement String excludedByAlert Boolean cicdEventType String

comment String

User comment on the issue

excludedByAlert Boolean

Indicates if the issue is excluded by alert

excludedByPolicy Boolean

Indicates if the issue is excluded by policy

excludedByApp Boolean

Indicates if the issue is excluded by application

countRule CountRule

Count rule based on occurrences in policy

exclusionId String

Exclusion identifier for snoozed or reappearing issues

languageInfo LanguageInfo

Language information where the issue was found

name String version String

isMonoRepoChild Boolean

Indicates if the issue belongs to a monorepo child

monoRepoParent String

Identifier for the monorepo parent

isFixAvailable Boolean

Indicates if a fix is available for the issue

isFixApplied Boolean

Indicates if a fix has been applied

isGPTFixAvailable Boolean

Indicates if a GPT-generated fix is available

oscarData [OscarItem]

OSCAR data associated with the issue

name String description String url String id String

gptInfo GPTInfo

GPT information related to the issue

gptResponse String user String createdAt Date

prDeatils PullRequest

Pull request details for the issue

sourceControlType String issueId String appId String repo String prId String prURL String prBranchName String commitMessage String commiter String comment String date Date prTitle String prBody String prStatus String prApprover String prReviewer String prMergeTime Date

tags [AppTag]

Tags associated with the application

tagId String name String email String displayName String tagType OxTagType createdBy String purpose String deploymentModel String

originalSeverity Int

Original severity level before overrides

overrideSeverity Boolean

Indicates if the severity has been overridden

isFalsePositive Boolean

Indicates if the issue is marked as a false positive

falsePositiveComment String

Comment for marking the issue as a false positive

isCanceledFalsePositive Boolean

Indicates if the issue is marked as a canceled false positive

cancelFalsePositiveComment String

Comment for marking the issue as a canceled false positive

falsePositiveDetails FalsePositiveDetails

Detailed information about the false positive status on issue level

isAggregationsMixed Boolean canceledBy String reportedBy String commentWhenCanceled String aggregationsStatus String

issueStatus IssueStatus

Status of the issue (open, resolved, etc.)

scanIssueStatus IssueStatus

Issue status based on the scan

resolvedReason String

Reason for issue resolution

resolvedDetails String

resolvedReasonDetails ReasonDetails

Additional details for the resolved reason

description String

disappearedReason String

Additional information about why the issue disappeared

disappearedDetails String

Detailed information about the reason for disappearance

disappearedReasonDetails ReasonDetails

Detailed reason data for the disappearance of the issue

description String

disappearedDate Float

Timestamp when the issue disappeared

correlatedIssueId String

Identifier for correlated issues across scans

correlatedRegistry String

Registry associated with the correlated issue

scaFixType ScaFixType

Type of fix available for Software Composition Analysis (SCA) issues

previousSeverity PrevSeverity

Previous severity before any changes were applied

severity String severityChangedDate Date

version String

Version of the package or component associated with the issue

severityFactorsDiff [SeverityFactorsDiff]

Difference in severity factors between scans

shortName String change Float status SeverityFactorStatus

exposedByApiItems [ExposedByApiItem]

Items that expose the issue through APIs

apiId String codeLocations [CodeLocation]

originBranchName String

Branch name where the issue was found

exclusionComment String

Comment provided for excluding the issue

exclusionExpiredAt Date

Timestamp indicating when the exclusion expires

problematicPkg String

Problematic package associated with the issue

serverlessDeploymentOperation ServerlessDeploymentOperation

Serverless deployment operation details

userIdentity ServerlessDeploymentUserIdentity deploymentTime String sourceIPAddress String userAgent String connectedFromConsole String location String linkToCode String functionName String functionArn String internalFunctionName String cloudRegion String version String revisionId String codeSha256 String entryPoint String codeSize Int memorySize Int timeout Int runtime String runtimeVersionConfig ServerlessDeploymentRuntimeVersionConfig architectures [String] role String recipientAccountId String description String

Last updated 6 days ago