• Home
  • Dynatrace API
  • Environment
  • Application Security
  • Security problems
  • GET vulnerable functions

Security problems API - GET vulnerable functions

Lists vulnerable functions of a security problem along with their usage.

The request produces an application/json payload.

GETManagedDynatrace for Governmenthttps://{your-domain}/e/{your-environment-id}/api/v2/securityProblems/{id}/vulnerableFunctions
SaaShttps://{your-environment-id}.live.dynatrace.com/api/v2/securityProblems/{id}/vulnerableFunctions
Environment ActiveGatehttps://{your-activegate-domain}/e/{your-environment-id}/api/v2/securityProblems/{id}/vulnerableFunctions

Authentication

To execute this request, you need an access token with securityProblems.read scope.

To learn how to obtain and use it, see Tokens and authentication.

Parameters

ParameterTypeDescriptionInRequired
idstring

The ID of the required third-party security problem.

pathrequired
vulnerableFunctionsSelectorstring

Defines the scope of the query. Only vulnerable functions matching the specified criteria are included in the response.

You can add the following criteria. Values are not case sensitive and the EQUALS operator is used unless otherwise specified.

  • Management zone ID: managementZoneIds("mzId-1","mzId-2").
  • Management zone name: managementZones("name-1","name-2"). Values are case sensitive.
  • Process group ID: processGroupIds("pgId-1", "pgId-2"). Specify Dynatrace entity IDs here.
  • Process group name: processGroupNames("name-1", "name-2"). Values are case sensitive.
  • Process group name contains: processGroupNameContains("name-1"). The CONTAINS operator is used.

Specify the value of a criterion as a quoted string. The following special characters must be escaped with a tilde (~) inside quotes:

  • Tilde ~
  • Quote "
queryoptional
groupBystring

Defines additional grouping types in which vulnerable functions should be displayed.

You can add one of the following grouping types.

  • Process group: PROCESS_GROUP
queryoptional

Response

Response codes

CodeTypeDescription
200VulnerableFunctionsContainer

Success. The response contains the list of vulnerable functions.

Response body objects

The VulnerableFunctionsContainer object

A list of vulnerable functions, their security problem wide usages and their usages per process group. Optional: A list of vulnerable function usages per process group for a security problem.

ElementTypeDescription
vulnerableFunctionsVulnerableFunctionProcessGroups[]

A list of vulnerable functions, their security problem wide usages and their usages per process group.

vulnerableFunctionsByProcessGroupProcessGroupVulnerableFunctions[]

A list of vulnerable function usages per process group for a security problem. The result is sorted based on the following criteria:

  • the number of vulnerable functions in use (descending).
  • the number of vulnerable functions not in use (descending).
  • the number of vulnerable functions not available (descending).
  • the process group identifier (ascending)

The VulnerableFunctionProcessGroups object

A vulnerable function including its usage by specific process groups in context of the security problem.

ElementTypeDescription
functionVulnerableFunction

Defines an vulnerable function.

usagestring

The vulnerable function usage based on the given process groups:

  • IN_USE if at least one process group calls this vulnerable function.
  • NOT_IN_USE if all process groups do not call this vulnerable function.
  • NOT_AVAILABLE if vulnerable function usage could not be calculated for at least one process group and no process group calls this vulnerable function.
The element can hold these values
  • IN_USE
  • NOT_AVAILABLE
  • NOT_IN_USE
processGroupsInUsestring[]

The process group identifiers, where this vulnerable function is in use.

processGroupsNotInUsestring[]

The process group identifiers, where this vulnerable function is not in use.

processGroupsNotAvailablestring[]

The process group identifiers, where information about the usage of this function not available.

The VulnerableFunction object

Defines an vulnerable function.

ElementTypeDescription
classNamestring

The class name of the vulnerable function.

filePathstring

The file path of the vulnerable function.

functionNamestring

The function name of the vulnerable function.

The ProcessGroupVulnerableFunctions object

The vulnerable functions of a process group including their usage.

ElementTypeDescription
processGroupstring

The process group identifier.

functionsInUseVulnerableFunction[]

A list of vulnerable functions in use.

functionsNotInUseVulnerableFunction[]

A list of vulnerable functions not in use.

functionsNotAvailableVulnerableFunction[]

A list of vulnerable functions with unknown state.

Response body JSON model

json
{ "vulnerableFunctions": [ { "function": { "className": "string", "filePath": "string", "functionName": "string" }, "usage": "IN_USE", "processGroupsInUse": [ "string" ], "processGroupsNotInUse": [ "string" ], "processGroupsNotAvailable": [ "string" ] } ], "vulnerableFunctionsByProcessGroup": [ { "processGroup": "string", "functionsInUse": [ {} ], "functionsNotInUse": [ {} ], "functionsNotAvailable": [ {} ] } ] }
Related topics
  • Application Security

    Detect, monitor, and remediate open-source and third-party vulnerabilities at runtime.

  • Davis security advisor API

    Find out what the Dynatrace Davis security advisor API offers.