🔥码云GVP开源项目 12k star Uniapp+ElementUI 功能强大 支持多语言、二开方便! 广告
# Vulnerabilities API > 原文:[https://docs.gitlab.com/ee/api/vulnerabilities.html](https://docs.gitlab.com/ee/api/vulnerabilities.html) * [Single vulnerability](#single-vulnerability) * [Confirm vulnerability](#confirm-vulnerability) * [Resolve vulnerability](#resolve-vulnerability) * [Dismiss vulnerability](#dismiss-vulnerability) # Vulnerabilities API[](#vulnerabilities-api-ultimate "Permalink") [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10242) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6. **注意:**以前的 Vulnerabilities API 已重命名为 Vulnerability Findings API,其文档已移至[其他位置](vulnerability_findings.html) . 现在,本文描述了新的漏洞 API,该 API 提供对[独立漏洞的](https://gitlab.com/groups/gitlab-org/-/epics/634)访问.**警告:**此 API 处于 alpha 阶段,被认为是不稳定的. 响应有效载荷可能会在 GitLab 版本之间发生更改或损坏. 每个对漏洞的 API 调用都必须经过[身份验证](README.html#authentication) . 漏洞权限从其项目继承权限. 如果项目是私有项目,并且用户不是该漏洞所属项目的成员,则对该项目的请求将返回`404 Not Found`状态代码. ## Single vulnerability[](#single-vulnerability "Permalink") 获得一个漏洞 ``` GET /vulnerabilities/:id ``` | Attribute | Type | Required | Description | | --- | --- | --- | --- | | `id` | 整数或字符串 | yes | 要获取的漏洞的 ID | ``` curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/vulnerabilities/1" ``` 响应示例: ``` { "id": 1, "title": "Predictable pseudorandom number generator", "description": null, "state": "opened", "severity": "medium", "confidence": "medium", "report_type": "sast", "project": { "id": 32, "name": "security-reports", "full_path": "/gitlab-examples/security/security-reports", "full_name": "gitlab-examples / security / security-reports" }, "author_id": 1, "updated_by_id": null, "last_edited_by_id": null, "closed_by_id": null, "start_date": null, "due_date": null, "created_at": "2019-10-13T15:08:40.219Z", "updated_at": "2019-10-13T15:09:40.382Z", "last_edited_at": null, "closed_at": null } ``` ## Confirm vulnerability[](#confirm-vulnerability "Permalink") 确认给定漏洞. 如果已经确认该漏洞,则返回状态码`304` . 如果经过身份验证的用户无权[确认漏洞](../user/permissions.html#project-members-permissions) ,则此请求将导致`403`状态代码. ``` POST /vulnerabilities/:id/confirm ``` | Attribute | Type | Required | Description | | --- | --- | --- | --- | | `id` | 整数或字符串 | yes | 确认漏洞的 ID | ``` curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/vulnerabilities/5/confirm" ``` 响应示例: ``` { "id": 2, "title": "Predictable pseudorandom number generator", "description": null, "state": "confirmed", "severity": "medium", "confidence": "medium", "report_type": "sast", "project": { "id": 32, "name": "security-reports", "full_path": "/gitlab-examples/security/security-reports", "full_name": "gitlab-examples / security / security-reports" }, "author_id": 1, "updated_by_id": null, "last_edited_by_id": null, "closed_by_id": null, "start_date": null, "due_date": null, "created_at": "2019-10-13T15:08:40.219Z", "updated_at": "2019-10-13T15:09:40.382Z", "last_edited_at": null, "closed_at": null } ``` ## Resolve vulnerability[](#resolve-vulnerability "Permalink") 解决给定漏洞. 如果漏洞已解决,则返回状态码`304` . 如果经过身份验证的用户无权[解决漏洞](../user/permissions.html#project-members-permissions) ,则此请求将导致`403`状态代码. ``` POST /vulnerabilities/:id/resolve ``` | Attribute | Type | Required | Description | | --- | --- | --- | --- | | `id` | 整数或字符串 | yes | 解决的漏洞的 ID | ``` curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/vulnerabilities/5/resolve" ``` 响应示例: ``` { "id": 2, "title": "Predictable pseudorandom number generator", "description": null, "state": "resolved", "severity": "medium", "confidence": "medium", "report_type": "sast", "project": { "id": 32, "name": "security-reports", "full_path": "/gitlab-examples/security/security-reports", "full_name": "gitlab-examples / security / security-reports" }, "author_id": 1, "updated_by_id": null, "last_edited_by_id": null, "closed_by_id": null, "start_date": null, "due_date": null, "created_at": "2019-10-13T15:08:40.219Z", "updated_at": "2019-10-13T15:09:40.382Z", "last_edited_at": null, "closed_at": null } ``` ## Dismiss vulnerability[](#dismiss-vulnerability "Permalink") 消除给定的漏洞. 如果漏洞已被`304`则返回状态码`304` . If an authenticated user does not have permission to [dismiss vulnerabilities](../user/permissions.html#project-members-permissions), this request will result in a `403` status code. ``` POST /vulnerabilities/:id/dismiss ``` | Attribute | Type | Required | Description | | --- | --- | --- | --- | | `id` | 整数或字符串 | yes | 消除漏洞的 ID | ``` curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/vulnerabilities/5/dismiss" ``` 响应示例: ``` { "id": 2, "title": "Predictable pseudorandom number generator", "description": null, "state": "closed", "severity": "medium", "confidence": "medium", "report_type": "sast", "project": { "id": 32, "name": "security-reports", "full_path": "/gitlab-examples/security/security-reports", "full_name": "gitlab-examples / security / security-reports" }, "author_id": 1, "updated_by_id": null, "last_edited_by_id": null, "closed_by_id": null, "start_date": null, "due_date": null, "created_at": "2019-10-13T15:08:40.219Z", "updated_at": "2019-10-13T15:09:40.382Z", "last_edited_at": null, "closed_at": null } ```