Get Custom Vulnerability Feed
GET/api/v33.01/feeds/custom/custom-vulnerabilities
x-prisma-cloud-target-env: {"permission":"systemOperations"}
Returns the list of custom vulnerabilities and associated rules for handling internally created or packaged apps.
This list is used by the Prisma Cloud Compute scanner to detect vulnerable custom components (apps, libraries, etc) that were developed and packaged internally.
Note: When a vulnerable custom component is detected in an image, you must have a rule to tell Prisma Cloud Compute how to handle it.
Vulnerability rules can be created using the Prisma Cloud Compute.
cURL Request
Refer to the following cURL command that retrieves a list of all the custom vulnerabilities and associated rules.
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \
"https://<CONSOLE>/api/v<VERSION>/feeds/custom/custom-vulnerabilities"
Response
A successful response will return a list of custom vulnerability rules and the associated digest:
{
"_id":"customVulnerabilities",
"rules": [
{
"_id": "<ID>",
"package": "internal-lib",
"type": "package",
"minVersionInclusive": "1.1",
"name": "internal-lib",
"maxVersionInclusive": "1.8",
"md5": ""
}
],
"digest":"<DIGEST>"
}
Responses
- 200
- default
CustomVulnerabilities is a collection of custom vulnerabilities TBD: this storage usage is not best practice, should be migrate to a 1 document per vulnerability
- application/json
- Schema
- Example (from schema)
Schema
- Array [
- ]
ID is the custom vulnerabilities feed ID.
Digest is the internal custom vulnerabilities feed digest.
rules object[]
Rules is the list of custom vulnerabilities rules.
.
.
.
.
.
.
Possible values: [nodejs,gem,python,jar,package,windows,binary,nuget,go,app,unknown
]
Type describes the package type
{
"_id": "string",
"digest": "string",
"rules": [
{
"_id": "string",
"maxVersionInclusive": "string",
"md5": "string",
"minVersionInclusive": "string",
"name": "string",
"package": "string",
"type": [
"nodejs",
"gem",
"python",
"jar",
"package",
"windows",
"binary",
"nuget",
"go",
"app",
"unknown"
]
}
]
}