Skip to main content
GET
/
v1
/
findings
List findings
curl --request GET \
  --url https://api.app.chainloop.dev/v1/findings \
  --header 'Authorization: Bearer <token>'
{
  "pagination": {
    "total_count": 1,
    "page": 0,
    "total_pages": 5,
    "page_size": 6
  },
  "results": [
    {
      "severity": "FINDING_SEVERITY_UNSPECIFIED",
      "package_purl": "package_purl",
      "is_in_kev": true,
      "first_seen_at": "2000-01-23T04:56:07.000Z",
      "external_id": "external_id",
      "source": "source",
      "finding_type": "FINDING_TYPE_UNSPECIFIED",
      "project_name": "project_name",
      "project_version_name": "project_version_name",
      "artifact_ids": [
        "artifact_ids",
        "artifact_ids"
      ],
      "id": "id",
      "last_seen_at": "2000-01-23T04:56:07.000Z",
      "status": "FINDING_STATUS_UNSPECIFIED"
    },
    {
      "severity": "FINDING_SEVERITY_UNSPECIFIED",
      "package_purl": "package_purl",
      "is_in_kev": true,
      "first_seen_at": "2000-01-23T04:56:07.000Z",
      "external_id": "external_id",
      "source": "source",
      "finding_type": "FINDING_TYPE_UNSPECIFIED",
      "project_name": "project_name",
      "project_version_name": "project_version_name",
      "artifact_ids": [
        "artifact_ids",
        "artifact_ids"
      ],
      "id": "id",
      "last_seen_at": "2000-01-23T04:56:07.000Z",
      "status": "FINDING_STATUS_UNSPECIFIED"
    }
  ]
}

Authorizations

Authorization
string
header
required

Bearer token for authentication

Query Parameters

project_name
string

Filter by project name

Filter findings by project name

project_version_name
string

Filter by project version name

Filter findings by project version name

severity
enum<string>[]

Filter by severity levels

Filter by one or more severity levels

Available options:
FINDING_SEVERITY_UNSPECIFIED,
FINDING_SEVERITY_CRITICAL,
FINDING_SEVERITY_HIGH,
FINDING_SEVERITY_MEDIUM,
FINDING_SEVERITY_LOW,
FINDING_SEVERITY_INFO,
FINDING_SEVERITY_UNKNOWN
status
enum<string>[]

Filter by statuses

Filter by one or more statuses

  • FINDING_STATUS_OPEN: OPEN: newly detected finding, not yet triaged or acted upon
  • FINDING_STATUS_IN_PROGRESS: IN_PROGRESS: finding is being investigated or actively remediated
  • FINDING_STATUS_RESOLVED: RESOLVED: finding has been fixed, mitigated, or otherwise closed (see resolution_reason for details)
  • FINDING_STATUS_REJECTED: REJECTED: finding has been dismissed by an operator (e.g. false positive, risk accepted, out of scope)
Available options:
FINDING_STATUS_UNSPECIFIED,
FINDING_STATUS_OPEN,
FINDING_STATUS_IN_PROGRESS,
FINDING_STATUS_RESOLVED,
FINDING_STATUS_REJECTED
finding_type
enum<string>[]

Filter by finding types

Filter by one or more finding types

Available options:
FINDING_TYPE_UNSPECIFIED,
FINDING_TYPE_VULNERABILITY
is_in_kev
boolean

Filter by KEV membership

Filter by whether the finding is in the CISA KEV catalog

search
string

Search by external ID substring

Search findings by external ID (e.g. CVE identifier)

pagination.page
integer<int32>

The (zero-based) offset of the first item returned in the collection.

pagination.page_size
integer<int32>

The maximum number of entries to return. If the value exceeds the maximum, then the maximum value will be used.

Response

A successful response.

Response for the List method

results
FindingListItem · object[]
pagination
OffsetPaginationResponse is used to return the pagination information · object
Example:
{
  "total_count": 1,
  "page": 0,
  "total_pages": 5,
  "page_size": 6
}