Update Custom Vulnerability Feed
PUT /api/v33.03/feeds/custom/custom-vulnerabilities
x-prisma-cloud-target-env: {"permission":"systemOperations"}
Updates all the custom vulnerabilities and associated rules simultaneously for handling internally created or packaged apps.
cURL Request
Refer to the following cURL command that updates a vulnerability for a library named internal-lib, and specifies that its versions 1.1 to 1.8 are known to be vulnerable.
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X PUT \
-d '
{
"rules": [
{
"_id": "<ID>",
"package": "internal-lib",
"type": "package",
"minVersionInclusive": "1.1",
"name": "internal-lib",
"maxVersionInclusive": "1.8",
"md5": ""
}
]
}' \
"https://<CONSOLE>/api/v<VERSION>/feeds/custom/custom-vulnerabilities"
Note: No response will be returned upon successful execution.
Maintain your Custom Vulnerabilities
We suggest you maintain your custom vulnerabilities using the following steps:
- Get all the custom vulnerability rules from the GET endpoint and save the results to a file.
  Note: You will need jq to execute this command.
  $ curl -k \
  -u <USER> \
  https://<CONSOLE>/api/v<VERSION>/feeds/custom/custom-vulnerabilities \
  | jq '.' > custom_vulnerability_rules.json
- Open the JSON file and add, modify, and/or delete the rules by directly editing the JSON output. For example:
  {
  "id": "customVulnerabilities",
  "rules": [
  {
  "_id": "<ID>",
  "package": "internal-lib",
  "type": "package",
  "minVersionInclusive": "1.1",
  "name": "internal-lib",
  "maxVersionInclusive": "1.8",
  "md5": ""
  }
  ],
  "digest": "97de7f27XXXXXXXXXX"
  }
- Update the rules by pushing the new JSON payload.
  Note: Do not forget to specify the @ symbol.
  $ curl -k \
  -u <USER> \
  -X PUT \
  -H "Content-Type:application/json" \
  -d @custom_vulnerability_rules.json \
  https://<CONSOLE>/api/v<VERSION>/feeds/custom/custom-vulnerabilities
- Run the cURL command for the GET /api/vVERSION/feeds/custom/custom-vulnerabilities endpoint and you can see that the previously installed rules are now overwritten with your new rules.
  $ curl -k \
  -u <USER> \
  -H 'Content-Type: application/json' \
  -X GET \
  https://<CONSOLE>/api/v<VERSION>/feeds/custom/custom-vulnerabilities
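Because the PUT replaces every rule at once, it helps to check the edited file and compare it with the saved GET output before pushing it. The following Python script is an added example, not part of the Prisma Cloud documentation; the sample feeds are constructed, and the dotted-numeric version comparison and the (type, package) rule identity are assumptions made for illustration.

```python
# Package types listed in the request schema on this page.
ALLOWED_TYPES = {"nodejs", "gem", "python", "jar", "package", "windows",
                 "binary", "nuget", "go", "app", "unknown"}

def _rule(pkg, typ, lo, hi):
    """Build a rule shaped like the ones in the feed (constructed sample data)."""
    return {"package": pkg, "name": pkg, "type": typ,
            "minVersionInclusive": lo, "maxVersionInclusive": hi, "md5": ""}

# Constructed samples: the saved GET output and the hand-edited file.
CURRENT = {"rules": [_rule("internal-lib", "package", "1.1", "1.8"),
                     _rule("legacy-agent", "binary", "2.0", "2.4")]}
EDITED = {"rules": [_rule("internal-lib", "package", "1.1", "1.10"),
                    _rule("report-gen", "npm", "3.2", "3.0")]}

def _ver(v):
    """Parse '1.10' into (1, 10); None when not dotted-numeric (assumed format)."""
    parts = v.split(".")
    return tuple(int(p) for p in parts) if all(p.isdigit() for p in parts) else None

def validate_feed(feed):
    """Return a list of problems found in an edited feed document."""
    problems = []
    for i, rule in enumerate(feed.get("rules", [])):
        if rule.get("type") not in ALLOWED_TYPES:
            problems.append(f"rule {i}: type {rule.get('type')!r} not in schema enum")
        if not rule.get("package"):  # assumption: a rule needs a package name
            problems.append(f"rule {i}: empty package")
        lo = _ver(rule.get("minVersionInclusive", ""))
        hi = _ver(rule.get("maxVersionInclusive", ""))
        if lo is not None and hi is not None and lo > hi:
            problems.append(f"rule {i}: minVersionInclusive > maxVersionInclusive")
    return problems

def diff_rules(current, edited):
    """Summarise what a PUT of `edited` would do to the rules in `current`."""
    key = lambda r: (r.get("type", ""), r.get("package", ""))  # assumed rule identity
    old = {key(r): r for r in current.get("rules", [])}
    new = {key(r): r for r in edited.get("rules", [])}
    return {"added": sorted(new.keys() - old.keys()),
            "removed": sorted(old.keys() - new.keys()),
            "changed": sorted(k for k in old.keys() & new.keys() if old[k] != new[k])}

if __name__ == "__main__":
    for problem in validate_feed(EDITED):
        print("INVALID:", problem)
    for action, keys in diff_rules(CURRENT, EDITED).items():
        print(action, keys)
```

A non-empty "removed" list is the case to look at before pushing: those rules disappear from the feed as soon as the PUT succeeds.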
Request
Body (application/json): vuln.CustomVulnerabilities. CustomVulnerabilities is a collection of custom vulnerabilities (TBD: this storage usage is not best practice, should be migrated to 1 document per vulnerability).
- _id (string): ID is the custom vulnerabilities feed ID.
- digest (string): Digest is the internal custom vulnerabilities feed digest.
- rules (array of vuln.CustomVulnerability): Rules is the list of custom vulnerabilities rules. Each CustomVulnerability is a user customized vulnerability with these properties:
  - _id (string)
  - maxVersionInclusive (string)
  - md5 (string)
  - minVersionInclusive (string)
  - name (string)
  - package (string)
  - type (string, packages.Type): Type describes the package type. Possible values: nodejs, gem, python, jar, package, windows, binary, nuget, go, app, unknown.
Status codes
- 200: OK