Collecting Basic Linux Vulnerability Info
Function
This API is used to collect basic Linux vulnerability info.
Authorization Information
Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
- If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.
- If you are using identity policy-based authorization, no identity policy-based permission required for calling this API.
URI
GET /v5/{project_id}/vulnerability/linux-detail
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Definition Project ID, which is used to specify the project that an asset belongs to. After the project ID is configured, you can query assets in the project using the project ID. For details about how to obtain it, see Obtaining a Project ID. Constraints N/A Range The value can contain 1 to 256 characters. Default Value N/A |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
enterprise_project_id |
No |
String |
Definition Enterprise project ID, which is used to filter assets in different enterprise projects. For details, see Obtaining an Enterprise Project ID. To query assets in all enterprise projects, set this parameter to all_granted_eps. Constraints You need to set this parameter only after the enterprise project function is enabled. Range The value can contain 1 to 256 characters. Default Value 0: default enterprise project. |
|
limit |
Yes |
Integer |
Definition Number of records displayed on each page. Constraints N/A Range Value range: 10 to 200 Default Value 10 |
|
offset |
Yes |
Integer |
Definition Offset, which specifies the start position of the record to be returned. Constraints N/A Range The value range is 0 to 2,000,000. Default Value N/A |
|
vul_id |
Yes |
String |
Definition Vulnerability Patch No. Constraints N/A Range The value contains 1 to 256 characters. Default Value N/A |
|
cve_id |
No |
String |
Definition Vulnerability ID Constraints N/A Range The value can contain 1 to 32 characters. Default Value N/A |
|
handle_status |
No |
String |
Definition Vulnerability handling status. Constraints N/A Range Default Value N/A |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
Yes |
String |
Definition User token, which contains user identity and permissions. The token can be used for identity authentication when an API is called. For details about how to obtain the token, see Obtaining a User Token. Constraints N/A Range The value can contain 1 to 32,768 characters. Default Value N/A |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
total_num |
Integer |
Definition Total number of records. Range The value range is 0 to 2,147,483,647. |
|
data_list |
Array of LinuxVulDetailInfo objects |
Definition Linux vulnerability CVE list. Range The value range is 0 to 10,000. |
|
Parameter |
Type |
Description |
|---|---|---|
|
cve_id |
String |
Definition Vulnerability ID Range The value can contain 0 to 255 characters. |
|
cve_name |
String |
Definition CVE vulnerability name. Range The value can contain 0 to 512 characters. |
|
cvss_vector |
String |
Definition Attack vector. Range The value can contain 0 to 255 characters. |
|
cve_solution |
String |
Definition CVE fixing suggestion. Range The value can contain 0 to 4,096 characters. |
|
cve_affect |
String |
Definition CVE vulnerability severity. Range The value can contain 0 to 128 characters. |
|
cve_affect_description |
String |
Definition Description of the CVE vulnerability severity. Range The value can contain 0 to 4,096 characters. |
|
cve_type |
String |
Definition CVE vulnerability type. Range The value can contain 0 to 128 characters. |
|
cve_type_description |
String |
Definition Description of a CVE vulnerability type. Range The value can contain 0 to 4,096 characters. |
|
cve_level |
String |
Definition CVE severity. Range |
|
cvss |
Float |
Definition Vulnerability score. Range Minimum value:0; maximum value: 10 |
|
cvss_version |
String |
Definition CVS score version. Range The value can contain 0 to 32 characters. |
|
description |
String |
Definition Vulnerability description. Range The value contains 0 to 1,024 characters. |
|
public_time |
Long |
Definition Disclosure time. Range Minimum value: 0; maximum value: 2^63-1 |
|
cnvd_id |
String |
Definition CNVD ID Range The value can contain 0 to 32 characters. |
|
cnnvd_id |
String |
Definition CNNVD ID Range The value can contain 0 to 32 characters. |
|
hosts_num |
VulnerabilityHostNumberInfo object |
Affected server |
|
Parameter |
Type |
Description |
|---|---|---|
|
important |
Integer |
Definition Number of important servers. Range The value range is 0 to 10,000. |
|
common |
Integer |
Definition Number of common servers. Range The value range is 0 to 10,000. |
|
test |
Integer |
Definition Number of test servers. Range The value range is 0 to 10,000. |
Example Requests
Query details about the Linux vulnerability UTSA-2023-001306 whose project ID is 2b31ed520xxxxxxebedb6e57xxxxxxxx.
GET https://{endpoint}/v5/2b31ed520xxxxxxebedb6e57xxxxxxxx/vulnerability/linux-detail?offset=0&limit=10&vul_id=UTSA-2023-001306&handle_status=unhandled&enterprise_project_id=all_granted_eps
Example Responses
Status code: 200
Request succeeded.
{
"total_num" : 1,
"data_list" : [ {
"cvss" : 4.4,
"description" : "FreeType is an open-source font rendering library written in C.\n\nThe CVE ID has been withdrawn.",
"cve_id" : "CVE-2023-2004",
"cve_name" : "FreeType security vulnerability",
"cvss_vector" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"cve_solution" : "Formal rectification solution\n1. Procedure\nBecause the CVE ID has been withdrawn, the vulnerability details and fixing solution may be unavailable. You are advised to periodically check the FreeType official website and related security notices to obtain the latest security updates and patches. If a patch for this vulnerability is released for FreeType, perform the following steps to fix the vulnerability:\n\n a. Visit the FreeType official website or security notice page to download the latest patch or update.\n b. Follow the official installation instructions to apply the patch or update to your FreeType library.\n c. Recompile and deploy related applications to ensure that the patched FreeType library is used.\n\n2. Workarounds:\nTo prevent similar vulnerabilities in the future, the following best practices are recommended:\n\n a. Regularly monitor security notices of FreeType and other dependent libraries and apply security patches in a timely manner.\n b. Use automation tools to periodically scan known vulnerabilities in the project dependency library.\n c. Strictly comply with secure coding specifications during development to avoid introducing common security vulnerabilities.\n d. For critical systems, consider using multi-layer defense policies, such as intrusion detection systems and application firewalls, to add an additional layer of security.\n\nRestart the service and system. You do not need to restart the system.\n\n",
"cve_type" : "Security defect.",
"cve_type_description" : "Security defects refer to security risks of software programs or hardware devices caused by coding defects or configuration problems. A security defect is a general term for all vulnerability types, that is, all vulnerability types can be referred to as security defects.",
"cve_level" : "Medium",
"cvss_version" : "3.0",
"public_time" : 1681476566000,
"cnnvd_id" : "CNNVD-202304-1201",
"hosts_num" : {
"important" : 0,
"common" : 1,
"test" : 0
}
} ]
}
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Request succeeded. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
