APIs

General Info

Hdiv web console exposes a REST API to help integrate vulnerability detection and attack protection into the organization’s standard stack and dashboards.

The REST API requires an authenticated user. This is done by sending a header that includes the console connection token.

Accessing REST API

API Info

The following URLs are exposed in the API

Mappings

GET
/applications

Response Format

[ {
  "name" : "",
  "status" : "",
  "hdivVersion" : ""
} ]

Response Details

Name Description
String
name

Application name

String
status

RUNNING, DEBUGGING, STOPPED

String
hdivVersion

Version of Hdiv being used

GET
/applications/{name}

Path Variables

Type Description
String
name

Application name

Response Format

{
  "name" : "",
  "status" : "",
  "hdivVersion" : ""
}

Response Details

Name Description
String
name

Application name

String
status

RUNNING, DEBUGGING, STOPPED

String
hdivVersion

Version of Hdiv being used

GET
/servers

Response Format

[ {
  "name" : "",
  "status" : "",
  "lastActivity" : "",
  "hdivVersion" : ""
} ]

Response Details

Name Description
String
name

Server name

String
status

RUNNING, STOPPED

String
lastActivity

yyyy/MM/dd

String
hdivVersion

Version of Hdiv being used

GET
/servers/{name}

Path Variables

Type Description
String
name

Server name

Response Format

{
  "name" : "",
  "status" : "",
  "lastActivity" : "",
  "hdivVersion" : ""
}

Response Details

Name Description
String
name

Server name

String
status

RUNNING, STOPPED

String
lastActivity

yyyy/MM/dd

String
hdivVersion

Version of Hdiv being used

GET
/vulnerabilities

Parameters

Type Description
String
startDate

Start date for the filter using yyyy/MM/dd format

String
endDate

End date for the filter using yyyy/MM/dd format

String
rule

Comma separated rules

String
state

UNRESOLVED, RESOLVED, IGNORED

Response Format

[ {
  "hash" : 0,
  "id" : 0,
  "type" : "",
  "level" : "",
  "score" : 0.0,
  "url" : "",
  "parameterName" : "",
  "parameterValue" : "",
  "parameterType" : "",
  "taintedValue" : :"",
  "className" : :"",
  "lineNumber" : 0
} ]

Response Details

Name Description
long
hash

Vulnerability hash id

long
id

Vulnerability id

String
type

Vulnerability type

String
level

MINOR, LOW, MEDIUM, HIGH

double
score

Vulnerability score

String
url

Vulnerability url

String
parameterName

Input name

String
parameterValue

Input value

String
parameterType

Input type: DATABASE, PARAMETER, MULTIPART_PARAMETER, HEADER, PATH_VARIABLE, REQUEST_BODY

String
taintedValue

Final input value

String
className

Class name where the vulnerability is present

int
lineNumber

Line number where the vulnerability is present

GET
/vulnerabilities/{id}

Path variables

Type Description
long
id

Vulnerability id

Response Format

{
  "hash" : 0,
  "id" : 0,
  "type" : "",
  "level" : "",
  "score" : 0.0,
  "url" : "",
  "parameterName" : "",
  "parameterValue" : "",
  "parameterType" : "",
  "taintedValue" : :"",
  "className" : :"",
  "lineNumber" : 0
}

Response Details

Name Description
long
hash

Vulnerability hash id

long
id

Vulnerability id

String
type

Vulnerability type

String
level

MINOR, LOW, MEDIUM, HIGH

double
score

Vulnerability score

String
url

Vulnerability url

String
parameterName

Input name

String
parameterValue

Input value

String
parameterType

Input type: DATABASE, PARAMETER, MULTIPART_PARAMETER, HEADER, PATH_VARIABLE, REQUEST_BODY

String
taintedValue

Final input value

String
className

Class name where the vulnerability is present

int
lineNumber

Line number where the vulnerability is present

GET
/vulnerableLibraries

Parameters

Type Description
String
artifact

Artifact identifier in group:artifact:version format. Mandatory.

String
application

Application name. Optional.

Response Status Codes

Code Description
200
OK

Vulnerable dependency is present and is processed, full information will be sent

202
ACCEPTED

Vulnerable dependency is present but it is still being processed

404
NOT FOUND

Vulnerable dependency was not sent by any application

Response Format

[ {
  "hash" : 0,
  "id" : 0,
  "type" : "",
  "score" : 0.0,
  "cveNumber" : "",
  "dependency" : "group:artifact:version",
  "description" : "",
} ]

Response Details

Name Description
long
hash

Vulnerability hash id

long
id

Vulnerability id

String
type

Vulnerability type

double
score

Vulnerability score

String
cveNumber

CVE Number

String
dependency

Vulnerable library identifier in group:artifact:version format

String
description

Vulnerability description