Red Hat SummitChapter 68. Vulnerability Exception Service
68.1. Vulnerability Exception Service
68.1.1. ApproveVulnerabilityException
POST /v2/vulnerability-exceptions/{id}/approve
ApproveVulnerabilityException approves a vulnerability exception. Once approved, the exception is enforced. The associated vulnerabilities are excluded from policy evaluation and risk evaluation, and the vulnerabilities may not appear in certain APIs responses by default.
68.1.1.1. Description
68.1.1.2. Parameters
68.1.1.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | REQUIRED. The ID of vulnerability exception to be approved. | X | null |
68.1.1.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | VulnerabilityExceptionServiceApproveVulnerabilityExceptionBody | X |
68.1.1.3. Return Type
68.1.1.4. Content Type
- application/json
68.1.1.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.1.6. Samples
68.1.2. CancelVulnerabilityException
POST /v2/vulnerability-exceptions/{id}/cancel
CancelVulnerabilityException cancels a vulnerability exception. Once cancelled, an approved exception is no longer enforced. Cancelled exceptions are garbage collected as per the retention configuration .expiredVulnReqRetentionDurationDays (GET /v1/config/).
68.1.2.1. Description
68.1.2.2. Parameters
68.1.2.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
68.1.2.3. Return Type
68.1.2.4. Content Type
- application/json
68.1.2.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.2.6. Samples
68.1.3. CreateDeferVulnerabilityException
POST /v2/vulnerability-exceptions/deferral
CreateDeferVulnerabilityException creates an exception request to defer specified vulnerabilities. Once an exception is created, it remains in the PENDING state until the approval. The exception is enforced only after it is approved. Once the exception expires, it is garbage collected as per the retention configuration .expiredVulnReqRetentionDurationDays (GET`/v1/config/`)
68.1.3.1. Description
68.1.3.2. Parameters
68.1.3.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
68.1.3.3. Return Type
68.1.3.4. Content Type
- application/json
68.1.3.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.3.6. Samples
68.1.4. CreateFalsePositiveVulnerabilityException
POST /v2/vulnerability-exceptions/false-positive
CreateFalsePositiveVulnerabilityException creates an exception request to mark specified vulnerabilities as false positive. Once an exception is created, it remains in the PENDING state until the approval. The exception is enforced only after it is approved.
68.1.4.1. Description
68.1.4.2. Parameters
68.1.4.2.1. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
68.1.4.3. Return Type
68.1.4.4. Content Type
- application/json
68.1.4.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.4.6. Samples
68.1.5. DeleteVulnerabilityException
DELETE /v2/vulnerability-exceptions/{id}
DeleteVulnerabilityException deletes a vulnerability exception. Only pending exceptions and pending updates to an enforced exception can be deleted. To revert an exception use cancel API. All exceptions are retained in the system according to the retention configuration.
68.1.5.1. Description
68.1.5.2. Parameters
68.1.5.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
68.1.5.3. Return Type
Object
68.1.5.4. Content Type
- application/json
68.1.5.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. |
|
| 0 | An unexpected error response. |
68.1.5.6. Samples
68.1.6. DenyVulnerabilityException
POST /v2/vulnerability-exceptions/{id}/deny
DenyVulnerabilityException denies a vulnerability exception. Denied exceptions are inactive and are garbage collected as per the retention configuration .expiredVulnReqRetentionDurationDays (GET`/v1/config/`)
68.1.6.1. Description
68.1.6.2. Parameters
68.1.6.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | REQUIRED. The ID of vulnerability exception to be denied. | X | null |
68.1.6.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | X |
68.1.6.3. Return Type
68.1.6.4. Content Type
- application/json
68.1.6.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.6.6. Samples
68.1.7. GetVulnerabilityException
GET /v2/vulnerability-exceptions/{id}
GetVulnerabilityException returns the vulnerability exception with specified ID.
68.1.7.1. Description
68.1.7.2. Parameters
68.1.7.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | X | null |
68.1.7.3. Return Type
68.1.7.4. Content Type
- application/json
68.1.7.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.7.6. Samples
68.1.8. ListVulnerabilityExceptions
GET /v2/vulnerability-exceptions
ListVulnerabilityExceptions returns a list of vulnerability exceptions.
68.1.8.1. Description
68.1.8.2. Parameters
68.1.8.2.1. Query Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| query | - | null | ||
| pagination.limit | - | null | ||
| pagination.offset | - | null | ||
| pagination.sortOption.field | - | null | ||
| pagination.sortOption.reversed | - | null | ||
| pagination.sortOption.aggregateBy.aggrFunc | - | UNSET | ||
| pagination.sortOption.aggregateBy.distinct | - | null |
68.1.8.3. Return Type
68.1.8.4. Content Type
- application/json
68.1.8.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
68.1.8.6. Samples
68.1.9. UpdateVulnerabilityException
PATCH /v2/vulnerability-exceptions/{id}
UpdateVulnerabilityException updates an existing vulnerability exception. The update is enforced only once it is approved. Currently only the following can be updated: - CVEs and expiry of the deferral exceptions - CVEs of the false positive exception
68.1.9.1. Description
68.1.9.2. Parameters
68.1.9.2.1. Path Parameters
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| id | REQUIRED. The ID of vulnerability exception to be updated. | X | null |
68.1.9.2.2. Body Parameter
| Name | Description | Required | Default | Pattern |
|---|---|---|---|---|
| body | VulnerabilityExceptionServiceUpdateVulnerabilityExceptionBody | X |
68.1.9.3. Return Type
68.1.9.4. Content Type
- application/json
68.1.9.5. Responses
| Code | Message | Datatype |
|---|---|---|
| 200 | A successful response. | |
| 0 | An unexpected error response. |
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}