> ## Documentation Index > Fetch the complete documentation index at: https://docs.chainloop.dev/llms.txt > Use this file to discover all available pages before exploring further. # Describe a finding > Get detailed information about a specific security finding. ## OpenAPI ````yaml https://api.app.chainloop.dev/openapi.yaml get /v1/findings/{finding_id} openapi: 3.0.1 info: contact: email: support@chainloop.dev name: Chainloop Support url: https://chainloop.dev termsOfService: https://chainloop.dev/terms title: Chainloop Platform API version: '1.0' servers: - url: https://api.app.chainloop.dev/ security: - bearerToken: [] tags: - description: AI-powered agent operations name: AgentsService - name: ArtifactService - name: AssessmentService - description: Service for polling the status of asynchronous operations name: AsyncOperationsService - name: AttestationsService - name: PolicyService - name: ComplianceService - name: ComponentService - name: EnvironmentsService - name: EvidenceService - name: FindingService - name: LogicalEnvironmentsService - name: ProductsService - name: ProjectsService - name: UserService externalDocs: description: Chainloop Official Documentation url: https://docs.chainloop.dev paths: /v1/findings/{finding_id}: get: tags: - FindingService summary: Describe a finding description: Get detailed information about a specific security finding. operationId: FindingService_Describe parameters: - description: ID of the finding in: path name: finding_id required: true schema: type: string responses: '200': content: application/json: schema: $ref: '#/components/schemas/v1FindingServiceDescribeResponse' description: A successful response. '400': content: application/json: schema: $ref: '#/components/schemas/v1BadRequestResponse' description: Bad Request - The request was invalid or cannot be served. '401': content: application/json: schema: $ref: '#/components/schemas/v1UnauthorizedResponse' description: Unauthorized - Authentication is required. '403': content: application/json: schema: $ref: '#/components/schemas/v1PermissionDeniedResponse' description: Forbidden - You do not have permission to access this resource. '500': content: application/json: schema: $ref: '#/components/schemas/v1InternalServerErrorResponse' description: Internal Server Error - An unexpected error occurred on the server. default: content: application/json: schema: $ref: '#/components/schemas/rpcStatus' description: An unexpected error response. components: schemas: v1FindingServiceDescribeResponse: description: Response for the Describe method example: result: package_purl: package_purl fixed_in_id: fixed_in_id status_changed_at: '2000-01-23T04:56:07.000Z' recommendation: recommendation created_at: '2000-01-23T04:56:07.000Z' external_id: external_id source: source project_name: project_name first_seen_in_id: first_seen_in_id project_version_name: project_version_name updated_at: '2000-01-23T04:56:07.000Z' last_seen_in_id: last_seen_in_id assessment_ids: - assessment_ids - assessment_ids details: '{}' id: id severity: FINDING_SEVERITY_UNSPECIFIED source_format: source_format component_id: component_id is_in_kev: true first_seen_at: '2000-01-23T04:56:07.000Z' vulnerability: is_in_kev: true description: description external_id: external_id id: id cwes: - cwes - cwes cvss_vectors: - cvss_vectors - cvss_vectors finding_type: FINDING_TYPE_UNSPECIFIED status_detail: FINDING_STATUS_DETAIL_UNSPECIFIED resolution_reason: FINDING_RESOLUTION_REASON_UNSPECIFIED fixed_version: fixed_version resolved_at: '2000-01-23T04:56:07.000Z' artifact_ids: - artifact_ids - artifact_ids location: location effective_assessment_status: ASSESSMENT_STATUS_UNSPECIFIED last_seen_at: '2000-01-23T04:56:07.000Z' status: FINDING_STATUS_UNSPECIFIED properties: result: $ref: '#/components/schemas/v1FindingDetail' title: FindingServiceDescribeResponse type: object v1BadRequestResponse: description: Response for bad request example: code: 0 details: - details - details message: message properties: code: default: 3 description: >- The error code indicating the type of error. It's fixed to 3, which is the code for INVALID_ARGUMENT. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: BadRequestResponse type: object v1UnauthorizedResponse: description: Response for unauthorized access example: code: 6 details: - details - details message: message properties: code: default: 16 description: >- The error code indicating the type of error. It's fixed to 16, which is the code for UNAUTHENTICATED. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: UnauthorizedResponse type: object v1PermissionDeniedResponse: description: Response for permission denied example: code: 1 details: - details - details message: message properties: code: default: 7 description: >- The error code indicating the type of error. It's fixed to 7, which is the code for PERMISSION_DENIED. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: PermissionDeniedResponse type: object v1InternalServerErrorResponse: description: Response for internal server error example: code: 5 details: - details - details message: message properties: code: default: 13 description: >- The error code indicating the type of error. It's fixed to 13, which is the code for INTERNAL_ERROR. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: InternalServerErrorResponse type: object rpcStatus: example: code: 5 details: - '@type': '@type' - '@type': '@type' message: message properties: code: format: int32 type: integer message: type: string details: items: $ref: '#/components/schemas/protobufAny' type: array type: object v1FindingDetail: description: Full details of a security finding example: package_purl: package_purl fixed_in_id: fixed_in_id status_changed_at: '2000-01-23T04:56:07.000Z' recommendation: recommendation created_at: '2000-01-23T04:56:07.000Z' external_id: external_id source: source project_name: project_name first_seen_in_id: first_seen_in_id project_version_name: project_version_name updated_at: '2000-01-23T04:56:07.000Z' last_seen_in_id: last_seen_in_id assessment_ids: - assessment_ids - assessment_ids details: '{}' id: id severity: FINDING_SEVERITY_UNSPECIFIED source_format: source_format component_id: component_id is_in_kev: true first_seen_at: '2000-01-23T04:56:07.000Z' vulnerability: is_in_kev: true description: description external_id: external_id id: id cwes: - cwes - cwes cvss_vectors: - cvss_vectors - cvss_vectors finding_type: FINDING_TYPE_UNSPECIFIED status_detail: FINDING_STATUS_DETAIL_UNSPECIFIED resolution_reason: FINDING_RESOLUTION_REASON_UNSPECIFIED fixed_version: fixed_version resolved_at: '2000-01-23T04:56:07.000Z' artifact_ids: - artifact_ids - artifact_ids location: location effective_assessment_status: ASSESSMENT_STATUS_UNSPECIFIED last_seen_at: '2000-01-23T04:56:07.000Z' status: FINDING_STATUS_UNSPECIFIED properties: id: description: Unique identifier title: Unique identifier type: string external_id: description: Vulnerability or finding identifier title: External identifier (e.g. CVE-2024-1234) type: string package_purl: description: Affected package in PURL format title: Affected package in PURL format type: string finding_type: $ref: '#/components/schemas/v1FindingType' severity: $ref: '#/components/schemas/v1FindingSeverity' status: $ref: '#/components/schemas/v1FindingStatus' status_detail: $ref: '#/components/schemas/v1FindingStatusDetail' resolution_reason: $ref: '#/components/schemas/v1FindingResolutionReason' is_in_kev: description: >- Whether this CVE is in the CISA Known Exploited Vulnerabilities catalog title: >- Whether the CVE is in the CISA KEV catalog (from linked vulnerability) type: boolean source: description: Source tool or database title: Source tool or database type: string source_format: description: Format of the evidence that produced the finding title: Source format (e.g. CYCLONEDX_JSON, SARIF) type: string recommendation: description: Remediation recommendation for the finding title: Remediation recommendation for the finding type: string location: description: Where the finding was detected (e.g. file path, image layer) title: Location where the finding was detected type: string details: description: Additional format-specific data properties: {} title: Additional format-specific data type: object component_id: description: Associated software component ID title: Associated software component ID type: string first_seen_in_id: description: Evidence ID where the finding was first detected title: Evidence ID where first detected type: string last_seen_in_id: description: Evidence ID where the finding was last detected title: Evidence ID where last detected type: string fixed_in_id: description: Evidence ID where the finding was confirmed fixed title: Evidence ID where confirmed fixed type: string created_at: description: Timestamp when the finding was created format: date-time title: Timestamp when first created type: string updated_at: description: Timestamp when the finding was last updated format: date-time title: Timestamp when last updated type: string status_changed_at: description: Timestamp of the last status change format: date-time title: Timestamp when status last changed type: string resolved_at: description: Timestamp when the finding was resolved format: date-time title: Timestamp when resolved type: string project_name: description: Name of the project title: Name of the project type: string project_version_name: description: Name of the project version title: Name of the project version type: string artifact_ids: description: IDs of artifacts affected by this finding items: type: string title: IDs of artifacts affected by this finding type: array first_seen_at: description: Timestamp when the finding was first detected format: date-time title: Timestamp when the finding was first detected type: string last_seen_at: description: Timestamp when the finding was last detected format: date-time title: Timestamp when the finding was last detected type: string vulnerability: $ref: '#/components/schemas/v1VulnerabilityInfo' fixed_version: description: Version that fixes the vulnerability title: Version that fixes the vulnerability type: string assessment_ids: description: IDs of assessments linked to this finding items: type: string title: IDs of assessments linked to this finding type: array effective_assessment_status: $ref: '#/components/schemas/v1AssessmentStatus' title: FindingDetail type: object protobufAny: additionalProperties: type: object example: '@type': '@type' properties: '@type': type: string type: object v1FindingType: default: FINDING_TYPE_UNSPECIFIED description: |- FindingType represents the type of security finding. Lives in shared_messages.proto for the same reason as FindingSeverity: assessment.proto needs it for the ListEffective query tuples without creating an import cycle with finding.proto. enum: - FINDING_TYPE_UNSPECIFIED - FINDING_TYPE_VULNERABILITY type: string v1FindingSeverity: default: FINDING_SEVERITY_UNSPECIFIED description: >- FindingSeverity represents the severity level of a finding. Lives in shared_messages.proto so both finding.proto and assessment.proto can use it without creating an import cycle (finding.proto imports assessment.proto for AssessmentStatus, and assessment.proto needs FindingSeverity for the severity field on AssessmentItem). enum: - FINDING_SEVERITY_UNSPECIFIED - FINDING_SEVERITY_CRITICAL - FINDING_SEVERITY_HIGH - FINDING_SEVERITY_MEDIUM - FINDING_SEVERITY_LOW - FINDING_SEVERITY_INFO - FINDING_SEVERITY_UNKNOWN type: string v1FindingStatus: default: FINDING_STATUS_UNSPECIFIED description: >- FindingStatus represents the lifecycle status of a finding. Transitions: OPEN → IN_PROGRESS → RESOLVED, or OPEN → REJECTED. A resolved finding can be reopened (back to OPEN) if it reappears in later evidence. - FINDING_STATUS_OPEN: OPEN: newly detected finding, not yet triaged or acted upon - FINDING_STATUS_IN_PROGRESS: IN_PROGRESS: finding is being investigated or actively remediated - FINDING_STATUS_RESOLVED: RESOLVED: finding has been fixed, mitigated, or otherwise closed (see resolution_reason for details) - FINDING_STATUS_REJECTED: REJECTED: finding has been dismissed by an operator (e.g. false positive, risk accepted, out of scope) enum: - FINDING_STATUS_UNSPECIFIED - FINDING_STATUS_OPEN - FINDING_STATUS_IN_PROGRESS - FINDING_STATUS_RESOLVED - FINDING_STATUS_REJECTED type: string v1FindingStatusDetail: default: FINDING_STATUS_DETAIL_UNSPECIFIED description: >- - FINDING_STATUS_DETAIL_MIXED_ASSESSMENTS: Active assessments at the same scope level disagree on status enum: - FINDING_STATUS_DETAIL_UNSPECIFIED - FINDING_STATUS_DETAIL_NEW - FINDING_STATUS_DETAIL_TRIAGED - FINDING_STATUS_DETAIL_REOPENED - FINDING_STATUS_DETAIL_INVESTIGATING - FINDING_STATUS_DETAIL_REMEDIATING - FINDING_STATUS_DETAIL_AWAITING_VERIFICATION - FINDING_STATUS_DETAIL_MIXED_ASSESSMENTS title: FindingStatusDetail provides additional context about the finding status type: string v1FindingResolutionReason: default: FINDING_RESOLUTION_REASON_UNSPECIFIED enum: - FINDING_RESOLUTION_REASON_UNSPECIFIED - FINDING_RESOLUTION_REASON_FIXED - FINDING_RESOLUTION_REASON_OBJECT_DELETED - FINDING_RESOLUTION_REASON_MITIGATED - FINDING_RESOLUTION_REASON_FALSE_POSITIVE - FINDING_RESOLUTION_REASON_NOT_AFFECTED - FINDING_RESOLUTION_REASON_RISK_ACCEPTED - FINDING_RESOLUTION_REASON_WONT_FIX - FINDING_RESOLUTION_REASON_DUPLICATE - FINDING_RESOLUTION_REASON_OUT_OF_SCOPE title: >- FindingResolutionReason represents the reason a finding was resolved or rejected type: string v1VulnerabilityInfo: description: Metadata about a known vulnerability example: is_in_kev: true description: description external_id: external_id id: id cwes: - cwes - cwes cvss_vectors: - cvss_vectors - cvss_vectors properties: id: description: Unique identifier of the vulnerability record title: Unique identifier of the vulnerability record type: string external_id: description: CVE or advisory identifier title: External identifier (e.g. CVE-2024-1234) type: string description: description: Human-readable description of the vulnerability title: Human-readable description type: string cwes: description: CWE identifiers (e.g. CWE-79) items: type: string title: CWE identifiers type: array cvss_vectors: description: CVSS vector strings (e.g. CVSS:3.1/AV:N/AC:L/...) items: type: string title: CVSS vector strings type: array is_in_kev: description: >- Whether this CVE is in the CISA Known Exploited Vulnerabilities catalog title: Whether this CVE is in the CISA KEV catalog type: boolean title: VulnerabilityInfo type: object v1AssessmentStatus: default: ASSESSMENT_STATUS_UNSPECIFIED enum: - ASSESSMENT_STATUS_UNSPECIFIED - ASSESSMENT_STATUS_NOT_AFFECTED - ASSESSMENT_STATUS_AFFECTED - ASSESSMENT_STATUS_UNDER_INVESTIGATION - ASSESSMENT_STATUS_FIXED title: AssessmentStatus represents the OpenVEX-aligned status type: string securitySchemes: bearerToken: description: Bearer token for authentication type: http scheme: bearer bearerFormat: JWT ````