Help Center/ Host Security Service/ API Reference/ API Description/ Vulnerability Management/ Examining Vulnerability Whitelists
Updated on 2026-04-03 GMT+08:00
View PDF
Share

Examining Vulnerability Whitelists

Function

This API is used to query the vulnerability whitelist.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.

  • If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.
  • If you are using identity policy-based authorization, no identity policy-based permission required for calling this API.

URI

GET /v5/{project_id}/vulnerability/white-lists

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Definition

Project ID, which is used to specify the project that an asset belongs to. After the project ID is configured, you can query assets in the project using the project ID. For details about how to obtain it, see Obtaining a Project ID.

Constraints

N/A

Range

The value can contain 1 to 256 characters.

Default Value

N/A
Table 2 Query Parameters

Parameter

Mandatory

Type

Description

enterprise_project_id

No

String

Definition

Enterprise project ID, which is used to filter assets in different enterprise projects. For details, see Obtaining an Enterprise Project ID.

To query assets in all enterprise projects, set this parameter to all_granted_eps.

Constraints

You need to set this parameter only after the enterprise project function is enabled.

Range

The value can contain 1 to 256 characters.

Default Value

0: default enterprise project.

limit

Yes

Integer

Definition

Number of records displayed on each page.

Constraints

N/A

Range

Value range: 10 to 200

Default Value

10

offset

Yes

Integer

Definition

Offset, which specifies the start position of the record to be returned.

Constraints

N/A

Range

The value range is 0 to 2,000,000.

Default Value

N/A

vul_name

No

String

Definition

Vulnerability name.

Constraints

N/A

Range

The value contains 0 to 256 characters.

Default Value

N/A

vul_type

No

String

Definition

Vulnerability type.

Constraints

N/A

Range

  • linux_vul: Linux vulnerabilities

  • windows_vul: Windows vulnerabilities

  • web_cms: Web-CMS vulnerabilities

  • app_vul: application vulnerabilities

Default Value

N/A

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Definition

User token, which contains user identity and permissions. The token can be used for identity authentication when an API is called. For details about how to obtain the token, see Obtaining a User Token.

Constraints

N/A

Range

The value can contain 1 to 32,768 characters.

Default Value

N/A

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

total_num

Integer

Definition

Total number.

Range

Minimum value: 0; maximum value: 2147483647

data_list

Array of VulWhiteListDetailResponseInfo objects

Definition

Vulnerability whitelist

Range

The value range is 0 to 2,147,483,647.
Table 5 VulWhiteListDetailResponseInfo

Parameter

Type

Description

id

String

Definition

Whitelist ID.

Range

The value contains 0 to 256 characters.

vul_id

String

Definition

Vulnerability ID.

Range

The value contains 0 to 256 characters.

vul_name

String

Definition

Vulnerability name.

Range

The value contains 0 to 256 characters.

vul_type

String

Definition

Vulnerability type.

Range

  • linux_vul: Linux vulnerabilities

  • windows_vul: Windows vulnerabilities

  • web_cms: Web-CMS vulnerabilities

  • app_vul: application vulnerabilities

cves

Array of cves objects

Definition

CVE list corresponding to the vulnerability

Range

The value range is 0 to 2,147,483,647.

rule_type

String

Definition

Whitelist rule type.

Range

  • all_host: The whitelist applies to all servers.

  • specific_host: The whitelist is applied to a specified server.

hosts

Array of hosts objects

Definition

List of specified servers when the whitelist rule is "Specified server."

Range

The value range is 0 to 2,147,483,647.

description

String

Definition

Description of a whitelist

Range

Length: 0 to 1,000 characters
Table 6 cves

Parameter

Type

Description

cve_id

String

Definition

cve id

Range

The value contains 0 to 256 characters.

cvss

Float

Definition

CVSS score of CVE

Range

Minimum value:0; maximum value: 10
Table 7 hosts

Parameter

Type

Description

host_id

String

Definition

Server ID

Range

The value can contain 0 to 128 characters.

host_name

String

Definition

Server name.

Range

The value can contain 0 to 128 characters.

Example Requests

Query the vulnerability whitelist of the project whose ID is 2b31ed520xxxxxxebedb6e57xxxxxxxx.

GET https://{endpoint}/v5/2b31ed520xxxxxxebedb6e57xxxxxxxx/vulnerability/white-lists?offset=0&limit=200&enterprise_project_id=all_granted_eps

Example Responses

Status code: 200

Request succeeded.

{
  "total_num" : 1,
  "data_list" : [ {
    "id" : "576a1dac-d3ba-4aa6-8725-3eb2ca83172e",
    "cves" : [ {
      "cvss" : 9.8,
      "cve_id" : "CVE-2020-27068"
    }, {
      "cvss" : 5.5,
      "cve_id" : "CVE-2020-36322"
    }, {
      "cvss" : 7.1,
      "cve_id" : "CVE-2020-36386"
    } ],
    "vul_id" : "EulerOS-SA-2022-1171",
    "vul_name" : "EulerOS-SA-2022-1171 Important: kernel security update",
    "vul_type" : "linux_vul",
    "rule_type" : "specific_host",
    "description" : ""
  } ]
}

Status Codes

Status Code

Description

200

Request succeeded.

Error Codes

See Error Codes.

Parent Topic: Vulnerability Management