Security problems API - GET vulnerable functions

Lists vulnerable functions of a security problem along with their usage.

The request produces an application/json payload.

GET	Managed	`https://{your-domain}/e/{your-environment-id}/api/v2/securityProblems/{id}/vulnerableFunctions`
	SaaS	`https://{your-environment-id}.live.dynatrace.com/api/v2/securityProblems/{id}/vulnerableFunctions`
	Environment ActiveGate	`https://{your-activegate-domain}/e/{your-environment-id}/api/v2/securityProblems/{id}/vulnerableFunctions`

Authentication

To execute this request, you need an access token with Read security problems (securityProblems.read) scope. To learn how to obtain and use it, see Tokens and authentication.

Parameters

Parameter Type Description In Required

string

Parameter	Type	Description	In	Required
id	string	The ID of the required third-party security problem.	path	required
vulnerableFunctionsSelector	string	Defines the scope of the query. Only vulnerable functions matching the specified criteria are included in the response. You can add the following criteria. Values are not case sensitive and the `EQUALS` operator is used unless otherwise specified. Management zone ID: `managementZoneIds("mzId-1","mzId-2")`. Management zone name: `managementZones("name-1","name-2")`. Values are case sensitive. Process group ID: `processGroupIds("pgId-1", "pgId-2")`. Specify Dynatrace entity IDs here. Process group name: `processGroupNames("name-1", "name-2")`. Values are case sensitive. Process group name contains: `processGroupNameContains("name-1")`. The `CONTAINS` operator is used. Specify the value of a criterion as a quoted string. The following special characters must be escaped with a tilde (`~`) inside quotes: Tilde `~` Quote `"`	query	optional
groupBy	string	Defines additional grouping types in which vulnerable functions should be displayed. You can add one of the following grouping types. Process group: `PROCESS_GROUP`	query	optional

The ID of the required third-party security problem.

path

required

vulnerableFunctionsSelector

string

Defines the scope of the query. Only vulnerable functions matching the specified criteria are included in the response.

You can add the following criteria. Values are not case sensitive and the EQUALS operator is used unless otherwise specified.

Management zone ID: managementZoneIds("mzId-1","mzId-2").
Management zone name: managementZones("name-1","name-2"). Values are case sensitive.
Process group ID: processGroupIds("pgId-1", "pgId-2"). Specify Dynatrace entity IDs here.
Process group name: processGroupNames("name-1", "name-2"). Values are case sensitive.
Process group name contains: processGroupNameContains("name-1"). The CONTAINS operator is used.

Specify the value of a criterion as a quoted string. The following special characters must be escaped with a tilde (~) inside quotes:

Tilde ~
Quote "

query

optional

groupBy

string

Defines additional grouping types in which vulnerable functions should be displayed.

You can add one of the following grouping types.

Process group: PROCESS_GROUP

query

optional

Response

Response codes

Code	Type	Description
200	VulnerableFunctionsContainer	Success. The response contains the list of vulnerable functions.

Response body objects

The `VulnerableFunctionsContainer` object

A list of vulnerable functions, their security problem wide usages and their usages per process group. Optional: A list of vulnerable function usages per process group for a security problem.

Element	Type	Description
vulnerableFunctions	VulnerableFunctionProcessGroups[]	A list of vulnerable functions, their security problem wide usages and their usages per process group.
vulnerableFunctionsByProcessGroup	ProcessGroupVulnerableFunctions[]	A list of vulnerable function usages per process group for a security problem. The result is sorted based on the following criteria: the number of vulnerable functions in use (descending). the number of vulnerable functions not in use (descending). the number of vulnerable functions not available (descending). the process group identifier (ascending)

Element

Type

Description

vulnerableFunctions

VulnerableFunctionProcessGroups[]

A list of vulnerable functions, their security problem wide usages and their usages per process group.

vulnerableFunctionsByProcessGroup

ProcessGroupVulnerableFunctions[]

A list of vulnerable function usages per process group for a security problem. The result is sorted based on the following criteria:

the number of vulnerable functions in use (descending).
the number of vulnerable functions not in use (descending).
the number of vulnerable functions not available (descending).
the process group identifier (ascending)

The `VulnerableFunctionProcessGroups` object

A vulnerable function including its usage by specific process groups in context of the security problem.

Element	Type	Description
function	VulnerableFunction	Defines an vulnerable function.
usage	string	The vulnerable function usage based on the given process groups: IN_USE if at least one process group calls this vulnerable function. NOT_IN_USE if all process groups do not call this vulnerable function. NOT_AVAILABLE if vulnerable function usage could not be calculated for at least one process group and no process group calls this vulnerable function. The element can hold these values `IN_USE` `NOT_AVAILABLE` `NOT_IN_USE`
processGroupsInUse	string[]	The process group identifiers, where this vulnerable function is in use.
processGroupsNotInUse	string[]	The process group identifiers, where this vulnerable function is not in use.
processGroupsNotAvailable	string[]	The process group identifiers, where information about the usage of this function not available.

The `VulnerableFunction` object

Defines an vulnerable function.

Element	Type	Description
className	string	The class name of the vulnerable function.
filePath	string	The file path of the vulnerable function.
functionName	string	The function name of the vulnerable function.

The `ProcessGroupVulnerableFunctions` object

The vulnerable functions of a process group including their usage.

Element	Type	Description
processGroup	string	The process group identifier.
functionsInUse	VulnerableFunction[]	A list of vulnerable functions in use.
functionsNotInUse	VulnerableFunction[]	A list of vulnerable functions not in use.
functionsNotAvailable	VulnerableFunction[]	A list of vulnerable functions with unknown state.

Response body JSON model

json
{
  "vulnerableFunctions": [
    {
      "function": {
        "className": "string",
        "filePath": "string",
        "functionName": "string"
      },
      "usage": "IN_USE",
      "processGroupsInUse": [
        "string"
      ],
      "processGroupsNotInUse": [
        "string"
      ],
      "processGroupsNotAvailable": [
        "string"
      ]
    }
  ],
  "vulnerableFunctionsByProcessGroup": [
    {
      "processGroup": "string",
      "functionsInUse": [
        {}
      ],
      "functionsNotInUse": [
        {}
      ],
      "functionsNotAvailable": [
        {}
      ]
    }
  ]
}

Security problems API - GET vulnerable functions

Authentication

Parameters

Response

Response codes

Response body objects

The VulnerableFunctionsContainer object

The VulnerableFunctionProcessGroups object

The VulnerableFunction object

The ProcessGroupVulnerableFunctions object

Response body JSON model

The `VulnerableFunctionsContainer` object

The `VulnerableFunctionProcessGroups` object

The `VulnerableFunction` object

The `ProcessGroupVulnerableFunctions` object