search
Book a demo

issue

Represents a security issue or alert, including its metadata, severity, associated resources, policy information, and remediation details.

hashtag
Examples

type Issue {
  importantSeverityBreakdown: [String]
  isCVERelated: Boolean
  overrideSeverityReason: String
  highestOXCVESeverity: String
  latestCommit: AggItem
  additionalTabs: [AdditionalTab]
  issueDetailsHeaders: [IssueDetailsTabs]
  compliance: [ComplianceItem]
  sbom: SbomLib
  dependencyGraph: SbomDependencyGraphResponse
  groupId: String
  name: String
  mainTitle: String
  secondTitle: String
  scanId: String
  created: Float
  sla: SlaData
  issueUpdatedAt: Float
  scanDate: Float
  description: String
  impact: String
  exposure: String
  severity: String
  owners: [String]
  ownerEmails: [String]
  occurrences: Int
  score: IssueScore
  orgConScore: Float
  connector: String
  learnMore: [String]
  extraInfo: [ExtraInfo]
  resource: IssueResource
  appName: String
  app: IAppsInfo
  policy: IPolicy
  issueId: String
  category: ICategory
  aggregations: IAggregations
  recommendation: String
  violationInfoTitle: String
  sourceTools: [String]
  ruleId: String
  fixes: PolicyFix
  fixAppliedDeatils: FixAppliedDeatils
  cwe: [String]
  fixLink: String
  cweList: [CweList]
  dependencyChain: [String]
  publicExploitLink: String
  createdAt: Float
  tickets: [Ticket]
  slackNotification: [SlackNotification]
  messages: [IssueMessage]
  fixIssue: FixIssue
  requestContent: String
  responseContent: String
  autoFix: FixIssue
  lowerSeverityReason: [String]
  severityChange: String
  originalToolSeverity: String
  scaVulnerabilities: [SCAVulnerability]
  dependencyGraphNodes: [DependencyNode]
  dependencyGraphEdges: [DependencyEdge]
  scaTriggerPkg: String
  scaTriggerPkgs: [TriggerPackage]
  pkgSemanticVersion: String
  graphExist: Boolean
  indirectSupported: Boolean
  severityChangeReason: [String]
  severityChangedReason: [SeverityChangedReason]
  aggSeverityExplanation: String
  aggSFsForCalcDisplay: [SeverityChangedReason]
  resolvedIssueDate: Float
  isPRAvailable: Boolean
  cicdFields: CICDFields
  comment: String
  excludedByAlert: Boolean
  excludedByPolicy: Boolean
  excludedByApp: Boolean
  countRule: CountRule
  exclusionId: String
  languageInfo: LanguageInfo
  isMonoRepoChild: Boolean
  monoRepoParent: String
  isFixAvailable: Boolean
  isFixApplied: Boolean
  isGPTFixAvailable: Boolean
  oscarData: [OscarItem]
  gptInfo: GPTInfo
  prDeatils: PullRequest
  tags: [AppTag]
  originalSeverity: Int
  overrideSeverity: Boolean
  isFalsePositive: Boolean
  falsePositiveComment: String
  isCanceledFalsePositive: Boolean
  cancelFalsePositiveComment: String
  falsePositiveDetails: FalsePositiveDetails
  issueStatus: IssueStatus
  scanIssueStatus: IssueStatus
  resolvedReason: String
  resolvedDetails: String
  resolvedReasonDetails: ReasonDetails
  disappearedReason: String
  disappearedDetails: String
  disappearedReasonDetails: ReasonDetails
  disappearedDate: Float
  correlatedIssueId: String
  correlatedRegistry: String
  scaFixType: ScaFixType
  previousSeverity: PrevSeverity
  version: String
  severityFactorsDiff: [SeverityFactorsDiff]
  exposedByApiItems: [ExposedByApiItem]
  originBranchName: String
  exclusionComment: String
  exclusionExpiredAt: Date
  problematicPkg: String
  serverlessDeploymentOperation: ServerlessDeploymentOperation
  eventFromExternalTool: Boolean
  issueOwners: [IOwner]
  cveExclusions: [RecommendedExclusions]
}

hashtag
Fields

Field
Description
Supported fields

importantSeverityBreakdown [String]

Array of severity breakdowns based on important factors

isCVERelated Boolean ⚠️

Deprecated: This field is not used anymore

overrideSeverityReason String

Reason for severity override

highestOXCVESeverity String

Highest severity level associated with the issue based on OX CVE data

latestCommit AggItem

Information about the latest commit associated with this issue

originalSeverity Int oxSeverity Int callBranch [String] linkToExternalProduct String stars String forks String downloads String vulBySeverity String nameAndVer String sourceRepoName String sourceRepoLink String sourceCreationDate String sourceLastModifyDate String destinationRepoName String destinationRepoLink String destinationCreationDate String destinationLastModifyDate String destinationRepoVisibility String reasons String _id String url String additionalToolData String events String allEvents String pushType String sha String title String link String mergedBy String date String fileCount Int diffInDays Int reviewers String user String userLink String userAvatar String devOperation String devOperationDate String adminOperation String adminOperationDate String reviewOperation String reviewOperationDate String orgRole String earliestActivityDate String repoPermissions String adminLocation String email String pullRequestsCount Int diffFromNowToCreatedAtInDays Int username String accessLevel String createdAt String lastAccess String fileName String fileUri String startLine Int endLine Int match String snippet String commitLink String commitBy String mergeDate String dateCommitPushed String pullRequestNumber String pullRequestLink String codeOwners [String] region String eduVideoLink String resource String service String accountName String cloudEnv String secret String secretType String secretTypeDescription String secretStatus String image String imageCreatedAt String pkgCount Int dockerVer String os String binariesCount Int tag String reputation String sha256 String size String pushedAt String source String sourceLink String ruleId String realMatch String excludedByAlert Boolean filePath String lockfile String accountId String snippetLineNumber Int language String daysOpen String isFixAvailable Boolean aggId String pkgName String installedVersion String fixedVersion String triggerPkgName String triggerPkgVersion String triggerPkgUpgradeVersion String dependencyType String branch String hashAggId String repo String repoCreator String lastCodeDate String lastAdminOperation String exclusionId String numberOfReposDomainAppear Int layer String baseImage String imageLink String registryName String project String resourceGroup String cloudResourceTags String location String locationLink String parameter String test String cvss Float evidence String request String response String dastUrl String method String parameterType String value String cluster String type String cloudType String k8sType String consoleLink String name String subscriptionId String stringifiedClusters String aggStatus String falsePositive FalsePositive cbomId String prDeatils PullRequest triage Triage

additionalTabs [AdditionalTab]

Additional tabs containing aggregated or supplemental information

type String aggItems [AggItem]

issueDetailsHeaders [IssueDetailsTabs]

Headers for issue details tabs

id String label String featureFlag String

compliance [ComplianceItem]

Compliance-related information linked to the issue

standard String standardLink String control String category String description String categoryLink String controlLink String

sbom SbomLib

Software Bill of Materials (SBOM) information

id String references [SbomReference] appType String language String libId String libraryName String libraryVersion String license String appName String location String dependencyType String source String appId String locationLink String appLink String pkgName String copyWriteInfo [String] copyWriteInfoLink String libLink String vulnerabilityCounts IssuesBySeverity triggerPackage String vulnerabilities [SCAVulnerability] latestVersion String latestVersionDate String stars Int forks Int openIssues Int packageManager String packageManagerLink String maintainers Int contributors Int downloads Int sourceLink String notPopular Boolean licenseIssue Boolean malicious Boolean malwareType String osVname String notMaintained Boolean isDeprecated Boolean notImported Boolean notUsed Boolean notUpdated Boolean dependencyLevel Int requestId String licenseLink String artifactInSbomLibs [ArtifactInSbomLibs] sha String maintainersList [Maintainer] runtimeStatus String usedVersionReleaseDate String projectDescription String

dependencyGraph SbomDependencyGraphResponse

Dependency graph data for the issue

nodes [DependencyNode] allNodes [DependencyNode] edges [DependencyEdge] allEdges [DependencyEdge]

groupId String

Group identifier for grouped issues

name String

Name of the issue

mainTitle String

Primary title of the issue

secondTitle String

Secondary title of the issue

scanId String

Scan identifier where the issue was detected

created Float ⚠️

Deprecated: Use createdAt instead

sla SlaData

Service Level Agreement (SLA) data for the issue

daysPastSLA Float status SlaStatus

issueUpdatedAt Float

Timestamp when the issue was last updated

scanDate Float

Scan date when the issue was detected

description String

Detailed description of the issue

impact String

Impact description of the issue

exposure String

Exposure description of the issue

severity String

Severity level of the issue

owners [String]

List of owners associated with the issue

ownerEmails [String]

Email addresses of the owners

occurrences Int

Number of occurrences of the issue

score IssueScore

Score assigned to the issue based on severity and other factors

value Float comments String

orgConScore Float

connector String

Connector name associated with the issue

learnMore [String]

List of URLs for further information about the issue

extraInfo [ExtraInfo]

Extra information related to the issue

key String val String value String snippet ExtraInfoSnippet link String callBranch [String] iconLink String tags [String]

resource IssueResource

Resource details associated with the issue

id String type String

appName String

Full application name

app IAppsInfo

Application information associated with the issue

id String name String businessPriority Float riskScore Float secPosture Float type String typeComments String applicationFlows ApplicationFlow fakeApp Boolean originBranchName String repoId String organization String repoName String owners [OwnerInfo] credentialsId String lastCodeChange String createdAt String publicVisibility Boolean branch String

policy IPolicy

Policy data associated with the issue

id String name String detailedDescription String

issueId String

Unique identifier for the issue instance

category ICategory

Category information for the issue

name String categoryId Int subCategoryName String subCategoryComment String

aggregations IAggregations

Aggregation data for the issue

type String summary IAggSummary columns IAggColumns items [AggItem]

recommendation String

Recommended remediation for the issue

violationInfoTitle String

Title for violation information

sourceTools [String]

Source tools that reported the issue

ruleId String

Rule identifier associated with the issue

fixes PolicyFix

Fix information for the issue

settingType String tooltip String description String warning String confirmation String inputs [FixInput]

fixAppliedDeatils FixAppliedDeatils

Details about applied fixes

appliedBy String appliedDate Date

cwe [String]

Common Weakness Enumeration (CWE) identifiers associated with the issue

fixLink String

Link to the fix for the issue

cweList [CweList]

List of CWE items related to the issue

name String description String url String

dependencyChain [String]

Dependency chain for the issue

publicExploitLink String

Link to public exploit related to the issue, if available

createdAt Float

Original creation date of the issue, based on scan history

tickets [Ticket]

List of tickets associated with the issue

provider Provider ticketId String createdBy String issueId String issueName String appName String appId String category String assignee String reporter String link String project String issueType String key String

slackNotification [SlackNotification]

Slack notifications related to the issue

channelName String timestamp String

messages [IssueMessage]

Messages or comments related to the issue

messagingVendor MessagingVendorsTypes recipients [Recipient] createdAt Date

fixIssue FixIssue

Information about available fixes for the issue

fixType String fixTitle String fixDescription String isFixApplied Boolean fixAppliedBy String sourceControlType String fixDate Date

requestContent String

DAST Request content

responseContent String

DAST Response content

autoFix FixIssue

Automatic fix information

fixType String fixTitle String fixDescription String isFixApplied Boolean fixAppliedBy String sourceControlType String fixDate Date

lowerSeverityReason [String]

Reasons for lowering the severity of the issue

severityChange String

Explanation for severity change

originalToolSeverity String

Original severity reported by the tool

scaVulnerabilities [SCAVulnerability]

Software Composition Analysis (SCA) vulnerabilities associated with the issue

issueId String oxSeverity String severityNumberFromTool String severityFromTool String cve String cveLink String cvsVer String cvssVersion Float epss Float percentile Float libName String dependencyChain String runtimeStatus String libVersion String chainDepth Int exploitInTheWild Boolean exploitInTheWildLink String description String dateDiscovered String minorVerWithFix String majorVerWithFix String exploitRequirement String exploitCode String originalSeverity String

dependencyGraphNodes [DependencyNode]

Nodes in the dependency graph

id String name String width String height String vulnerable Boolean

dependencyGraphEdges [DependencyEdge]

Edges in the dependency graph

v String w String

scaTriggerPkg String

Trigger package for SCA vulnerability detection

scaTriggerPkgs [TriggerPackage]

List of trigger packages for SCA vulnerabilities

scaTriggerPkg String fileName String

pkgSemanticVersion String

Semantic version of the package associated with the issue

graphExist Boolean ⚠️

Deprecated: This field is not used anymore

indirectSupported Boolean ⚠️

Deprecated: This field is not used anymore

severityChangeReason [String]

Severity Factors

severityChangedReason [SeverityChangedReason]

Detailed reasons for severity change

changeNumber Float withoutAutoNumbering Boolean evidenceLabel String reason String shortName String changeCategory String extraInfo [SeverityChangedExtraInfo] extraInfoContainer [ExtraInfoContainer] order Int

aggSeverityExplanation String

Explanation for the aggregation level severity change

aggSFsForCalcDisplay [SeverityChangedReason]

Aggregations level severity factors that affect issue level severity

changeNumber Float withoutAutoNumbering Boolean evidenceLabel String reason String shortName String changeCategory String extraInfo [SeverityChangedExtraInfo] extraInfoContainer [ExtraInfoContainer] order Int

resolvedIssueDate Float

Resolved issue date for fixed issues

isPRAvailable Boolean

Indicates if a Pull Request (PR) is available for the issue

cicdFields CICDFields

CICD-specific fields for the issue

issueStatus CICDIssueStatus sourceBranch String targetBranch String isBlocking Boolean jobId String jobTriggeredAt String jobTriggeredAtDate Float jobTriggeredBy String jobTriggeredReason String jobUrl String pullRequestId String pullRequestUrl String enforcement String excludedByAlert Boolean cicdEventType String workflows [OxWorkflow]

comment String

User comment on the issue

excludedByAlert Boolean

Indicates if the issue is excluded by alert

excludedByPolicy Boolean

Indicates if the issue is excluded by policy

excludedByApp Boolean

Indicates if the issue is excluded by application

countRule CountRule

Count rule based on occurrences in policy

exclusionId String

Exclusion identifier for snoozed or reappearing issues

languageInfo LanguageInfo

Language information where the issue was found

name String version String

isMonoRepoChild Boolean

Indicates if the issue belongs to a monorepo child

monoRepoParent String

Identifier for the monorepo parent

isFixAvailable Boolean

Indicates if a fix is available for the issue

isFixApplied Boolean

Indicates if a fix has been applied

isGPTFixAvailable Boolean

Indicates if a GPT-generated fix is available

oscarData [OscarItem]

OSCAR data associated with the issue

name String description String url String id String

gptInfo GPTInfo

GPT information related to the issue

gptResponse String user String createdAt Date

prDeatils PullRequest

Pull request details for the issue

sourceControlType String issueId String appId String repo String prId String prURL String prBranchName String commitMessage String commiter String comment String date Date prTitle String prBody String prStatus String prApprover String prReviewer String prMergeTime Date

tags [AppTag]

Tags associated with the application

tagId String name String email String displayName String tagType OxTagType createdBy String purpose String deploymentModel String tagCategory String

originalSeverity Int

Original severity level before overrides

overrideSeverity Boolean

Indicates if the severity has been overridden

isFalsePositive Boolean

Indicates if the issue is marked as a false positive

falsePositiveComment String

Comment for marking the issue as a false positive

isCanceledFalsePositive Boolean

Indicates if the issue is marked as a canceled false positive

cancelFalsePositiveComment String

Comment for marking the issue as a canceled false positive

falsePositiveDetails FalsePositiveDetails

Detailed information about the false positive status on issue level

canceledBy String reportedBy String commentWhenCanceled String aggregationsStatus String

issueStatus IssueStatus

Status of the issue (open, resolved, etc.)

scanIssueStatus IssueStatus

Issue status based on the scan

resolvedReason String

Reason for issue resolution

resolvedDetails String

resolvedReasonDetails ReasonDetails

Additional details for the resolved reason

description String

disappearedReason String

Additional information about why the issue disappeared

disappearedDetails String

Detailed information about the reason for disappearance

disappearedReasonDetails ReasonDetails

Detailed reason data for the disappearance of the issue

description String

disappearedDate Float

Timestamp when the issue disappeared

correlatedIssueId String

Identifier for correlated issues across scans

correlatedRegistry String

Registry associated with the correlated issue

scaFixType ScaFixType

Type of fix available for Software Composition Analysis (SCA) issues

previousSeverity PrevSeverity

Previous severity before any changes were applied

severity String severityChangedDate Date

version String

Version of the package or component associated with the issue

severityFactorsDiff [SeverityFactorsDiff]

Difference in severity factors between scans

shortName String change Float status SeverityFactorStatus

exposedByApiItems [ExposedByApiItem]

Items that expose the issue through APIs

apiId String codeLocations [CodeLocation]

originBranchName String

Branch name where the issue was found

exclusionComment String

Comment provided for excluding the issue

exclusionExpiredAt Date

Timestamp indicating when the exclusion expires

problematicPkg String

Problematic package associated with the issue

serverlessDeploymentOperation ServerlessDeploymentOperation

Serverless deployment operation details

userIdentity ServerlessDeploymentUserIdentity deploymentTime String sourceIPAddress String userAgent String connectedFromConsole String location String linkToCode String functionName String functionArn String internalFunctionName String cloudRegion String version String revisionId String codeSha256 String entryPoint String codeSize Int memorySize Int timeout Int runtime String runtimeVersionConfig ServerlessDeploymentRuntimeVersionConfig architectures [String] role String recipientAccountId String description String

eventFromExternalTool Boolean

Indicates if the issue is from an external tool

issueOwners [IOwner]

List of owners associated with the issue

name String email String

cveExclusions [RecommendedExclusions]

cve exclusions associated with the issue

label String recommended Boolean tooltip String type String id String oxRuleId String level String excludeBy [String] uidOnly Boolean isDefault Boolean ffKey String exclusionScope String

hashtag
References

hashtag
Queries using this object:

hashtag
Fields with this object:

Last updated