Vulnerabilities API - GET vulnerability details

Lists the details of a specific vulnerability.

The request produces an application/json payload.

GET

  • SaaS: https://{your-environment-id}.live.dynatrace.com/api/v2/securityProblems/{id}
  • Environment ActiveGate, Cluster ActiveGate: https://{your-activegate-domain}:9999/e/{your-environment-id}/api/v2/securityProblems/{id}

Authentication

To execute this request, you need an access token with securityProblems.read scope.

To learn how to obtain and use it, see Tokens and authentication.

Parameters

Each parameter is listed as name (type, location, required or optional), followed by its description.

id (string, path, required)

The ID of the requested security problem.

fields (string, query, optional)

A list of additional security problem properties you can add to the response.

The following properties are available (all other properties are always included and you can't remove them from the response):

  • riskAssessment: A risk assessment of the security problem.
  • managementZones: The management zone where the security problem occurred.
  • codeLevelVulnerabilityDetails: Details of the code-level vulnerability.
  • globalCounts: Globally calculated statistics about the security problem. No management zone information is taken into account.
  • filteredCounts: Statistics about the security problem, filtered by the management zone and timeframe start ('from') query parameters.
  • description: The description of the vulnerability.
  • remediationDescription: Description of how to remediate the vulnerability.
  • events: The security problem's last 10 events within the last 365 days, sorted from newest to oldest.
  • vulnerableComponents: A list of vulnerable components of the security problem within the provided filter range.
  • affectedEntities: A list of affected entities of the security problem within the provided filter range.
  • exposedEntities: A list of exposed entities of the security problem within the provided filter range.
  • reachableDataAssets: A list of data assets reachable by affected entities of the security problem within the provided filter range.
  • relatedEntities: A list of related entities of the security problem within the provided filter range.
  • relatedContainerImages: A list of related container images of the security problem within the provided filter range.
  • relatedAttacks: A list of attacks detected on the exposed security problem.
  • entryPoints: A list of entry points and a flag which indicates whether this list was truncated or not.

To add properties, specify them in a comma-separated list and prefix each property with a plus (for example, +riskAssessment,+managementZones).

managementZoneFilter (string, query, optional)

To specify management zones, use one of the options listed below. For each option you can specify multiple comma-separated values. If several values are specified, the OR logic applies. All values are case-sensitive and must be quoted.

  • Management zone ID: ids("mzId-1", "mzId-2").
  • Management zone names: names("mz-1", "mz-2").

You can specify several comma-separated criteria (for example, names("myMz"),ids("9130632296508575249")).

from (string, query, optional)

The affected, related, and vulnerable entities are calculated based on the timeframe start. You can use one of the following formats:

  • Timestamp in UTC milliseconds.
  • Human-readable format of 2021-01-25T05:57:01.123+01:00. If no time zone is specified, UTC is used. You can use a space character instead of the T. Seconds and fractions of a second are optional.
  • Relative timeframe, back from now. The format is now-NU/A, where N is the amount of time, U is the unit of time, and A is an alignment. The alignment rounds all the smaller values to the nearest zero in the past. For example, now-1y/w is one year back, aligned by a week. You can also specify a relative timeframe without an alignment: now-NU. Supported time units for the relative timeframe are:
    • m: minutes
    • h: hours
    • d: days
    • w: weeks
    • M: months
    • y: years

If not set, the default timeframe start of 24 hours in the past is used (now-24h).

The timeframe start must not be older than 365 days.

Response

Response codes

Code
Type
Description
200

Success. The response contains parameters of the security problem.

4XX

Client side error.

5XX

Server side error.

Response body objects

The SecurityProblemDetails object

Parameters of a security problem

Element
Type
Description
affectedEntities
string[]

A list of affected entities of the security problem.

An affected entity is an entity where a vulnerable component runs.

codeLevelVulnerabilityDetails

The details of a code-level vulnerability.

cveIds
string[]

A list of CVE IDs of the security problem.

description
string

The description of the security problem.

displayId
string

The display ID of the security problem.

entryPoints

A list of entry points and a flag which indicates whether this list was truncated or not.

events

An ordered (newest first) list of events of the security problem.

exposedEntities
string[]

A list of exposed entities of the security problem.

An exposed entity is an affected entity that is exposed to the internet.

externalVulnerabilityId
string

The external vulnerability ID of the security problem.

filteredCounts

Statistics about the security problem, filtered by the management zone and timeframe start ('from') query parameters.

firstSeenTimestamp
integer

The timestamp of the first occurrence of the security problem.

globalCounts

Globally calculated statistics about the security problem. No management zone information is taken into account.

lastOpenedTimestamp
integer

The timestamp when the security problem was last opened.

lastResolvedTimestamp
integer

The timestamp when the security problem was last resolved.

lastUpdatedTimestamp
integer

The timestamp of the most recent security problem change.

managementZones

A list of management zones which the affected entities belong to.

muteStateChangeInProgress
boolean

If true, a change of the mute state is in progress.

muted
boolean

The security problem is (true) or is not (false) muted.

packageName
string

The package name of the security problem.

reachableDataAssets
string[]

A list of data assets reachable by affected entities of the security problem.

A data asset is a service that has database access.

relatedAttacks

A list of related attacks of the security problem.

Related attacks are attacks on the exposed security problem.

relatedContainerImages

A list of related container images.

relatedEntities

A list of related entities of the security problem.

A related entity is a monitored entity that is directly or indirectly related to an affected entity (for example, it could be a host where an affected process runs).

Each related entity contains a list of corresponding affected entities (for example, an affected process running on this host).

remediationDescription
string

Description of how to remediate the vulnerability.

riskAssessment

Risk assessment of a security problem.

securityProblemId
string

The ID of the security problem.

status
string

The status of the security problem.

  • OPEN
  • RESOLVED
technology
string

The technology of the security problem.

  • DOTNET
  • GO
  • JAVA
  • KUBERNETES
  • NODE_JS
  • PHP
  • PYTHON
title
string

The title of the security problem.

url
string

The URL to the security problem details page.

vulnerabilityType
string

The type of the vulnerability.

  • CODE_LEVEL
  • RUNTIME
  • THIRD_PARTY
vulnerableComponents

A list of vulnerable components of the security problem.

A vulnerable component is what causes the security problem.

The CodeLevelVulnerabilityDetails object

The details of a code-level vulnerability.

Element
Type
Description
processGroupIds
string[]

The list of encoded MEIdentifiers of the process groups.

processGroups
string[]

The list of affected process groups.

shortVulnerabilityLocation
string

The code location of the vulnerability without package and parameter.

type
string

The type of code level vulnerability.

  • CMD_INJECTION
  • IMPROPER_INPUT_VALIDATION
  • SQL_INJECTION
  • SSRF
vulnerabilityLocation
string

The code location of the vulnerability.

vulnerableFunction
string

The vulnerable function of the vulnerability.

vulnerableFunctionInput

Describes what got passed into the code level vulnerability.

The VulnerableFunctionInput object

Describes what got passed into the code level vulnerability.

Element
Type
Description
inputSegments

A list of input segments.

type
string

The type of the input.

  • COMMAND
  • HTTP_CLIENT
  • JNDI
  • SQL_STATEMENT

The VulnerableFunctionInputSegment object

Describes one segment that was passed into a vulnerable function.

Element
Type
Description
type
string

The type of the input segment.

  • MALICIOUS_INPUT
  • REGULAR_INPUT
  • TAINTED_INPUT
value
string

The value of the input segment.

The EntryPoints object

A list of entry points and a flag which indicates whether this list was truncated or not.

Element
Type
Description
items

A list of entry points.

truncated
boolean

Indicates whether the list of entry points was truncated or not.

The EntryPoint object

Information about an entry point of a code-level vulnerability.

Element
Type
Description
sourceHttpPath
string

Source HTTP path of entry points.

usageSegments

List of entry point usage segments.

The EntryPointUsageSegment object

Describes one segment that was passed into a usage and the associated source name and type.

Element
Type
Description
segmentType
string

The type of this input segment.

  • MALICIOUS_INPUT
  • REGULAR_INPUT
  • TAINTED_INPUT
segmentValue
string

The value of this input segment.

sourceArgumentName
string

The name used in the source for this segment.

sourceType
string

The type of the HTTP request part that contains the value that was used in this segment.

  • HTTP_BODY
  • HTTP_COOKIE
  • HTTP_HEADER_NAME
  • HTTP_HEADER_VALUE
  • HTTP_OTHER
  • HTTP_PARAMETER_NAME
  • HTTP_PARAMETER_VALUE
  • HTTP_URL
  • UNKNOWN

The SecurityProblemEvent object

The event of a security problem.

Element
Type
Description
muteState

Metadata of the muted state of a security problem in relation to an event.

reason
string

The reason of the event creation.

  • ASSESSMENT_CHANGED
  • SECURITY_PROBLEM_CREATED
  • SECURITY_PROBLEM_MUTED
  • SECURITY_PROBLEM_REOPENED
  • SECURITY_PROBLEM_RESOLVED
  • SECURITY_PROBLEM_UNMUTED
riskAssessmentSnapshot

A snapshot of the risk assessment of a security problem.

timestamp
integer

The timestamp when the event occurred.

The MuteState object

Metadata of the muted state of a security problem in relation to an event.

Element
Type
Description
comment
string

A user's comment.

reason
string

The reason for the mute state change.

  • AFFECTED
  • CONFIGURATION_NOT_AFFECTED
  • FALSE_POSITIVE
  • IGNORE
  • INITIAL_STATE
  • OTHER
  • VULNERABLE_CODE_NOT_IN_USE
user
string

The user who has muted or unmuted the problem.

The RiskAssessmentSnapshot object

A snapshot of the risk assessment of a security problem.

Element
Type
Description
baseRiskScore
number

The risk score (1-10) from the CVSS score.

changes

All changes of the risk assessment.

exposure
string

The level of exposure of affected entities.

  • NOT_AVAILABLE
  • NOT_DETECTED
  • PUBLIC_NETWORK
numberOfAffectedEntities
integer

The number of currently affected entities.

numberOfAffectedNodes
integer

The number of currently affected nodes.

numberOfAffectedProcessGroups
integer

The number of currently affected process groups.

numberOfReachableDataAssets
integer

The number of data assets that are currently reachable by affected entities.

numberOfRelatedAttacks
integer

The number of related attacks.

publicExploit
string

The availability status of public exploits.

  • AVAILABLE
  • NOT_AVAILABLE
riskLevel
string

The Davis risk level.

It is calculated by Dynatrace on the basis of CVSS score.

  • CRITICAL
  • HIGH
  • LOW
  • MEDIUM
  • NONE
riskScore
number

The Davis risk score (1-10).

It is calculated by Dynatrace on the basis of CVSS score.

vulnerableFunctionUsage
string

The state of vulnerable code execution.

  • IN_USE
  • NOT_AVAILABLE
  • NOT_IN_USE

The RiskAssessmentChanges object

All changes of the risk assessment.

Element
Type
Description
deltaBaseRiskScore
number

The delta of the risk score.

deltaNumberOfAffectedNodes
integer

The delta of the number of currently affected nodes.

deltaNumberOfAffectedProcessGroups
integer

The delta of the number of currently affected process groups.

deltaNumberOfReachableDataAssets
integer

The delta of the number of data assets that are currently reachable by affected entities.

deltaNumberOfRelatedAttacks
integer

The delta of the number of related attacks.

deltaRiskScore
number

The delta of the Davis risk score.

previousExposure
string

The previous level of exposure of affected entities.

  • NOT_AVAILABLE
  • NOT_DETECTED
  • PUBLIC_NETWORK
previousPublicExploit
string

The previous availability status of public exploits.

  • AVAILABLE
  • NOT_AVAILABLE
previousVulnerableFunctionUsage
string

The previous state of vulnerable code execution.

  • IN_USE
  • NOT_AVAILABLE
  • NOT_IN_USE

The FilteredCountsDto object

Statistics about the security problem, filtered by the management zone and timeframe start ('from') query parameters.

Element
Type
Description
affectedNodes
integer

Number of affected nodes

affectedProcessGroupInstances
integer

Number of affected processes

affectedProcessGroups
integer

Number of affected process groups

exposedProcessGroups
integer

Number of exposed process groups

reachableDataAssets
integer

Number of reachable data assets

relatedApplications
integer

Number of related applications

relatedAttacks
integer

Number of related attacks

relatedDatabases
integer

Number of related databases

relatedHosts
integer

Number of related hosts

relatedKubernetesClusters
integer

Number of related Kubernetes clusters

relatedKubernetesWorkloads
integer

Number of related Kubernetes workloads

relatedServices
integer

Number of related services

vulnerableComponents
integer

Number of vulnerable components

The GlobalCountsDto object

Globally calculated statistics about the security problem. No management zone information is taken into account.

Element
Type
Description
affectedNodes
integer

Number of affected nodes

affectedProcessGroupInstances
integer

Number of affected process group instances

affectedProcessGroups
integer

Number of affected process groups

exposedProcessGroups
integer

Number of exposed process groups

reachableDataAssets
integer

Number of reachable data assets exposed

relatedApplications
integer

Number of related applications

relatedAttacks
integer

Number of attacks on the exposed security problem

relatedHosts
integer

Number of related hosts

relatedKubernetesClusters
integer

Number of related Kubernetes clusters

relatedKubernetesWorkloads
integer

Number of related Kubernetes workloads

relatedServices
integer

Number of related services

vulnerableComponents
integer

Number of vulnerable components

The ManagementZone object

A short representation of a management zone.

Element
Type
Description
id
string

The ID of the management zone.

name
string

The name of the management zone.

The RelatedAttacksList object

A list of related attacks of the security problem.

Related attacks are attacks on the exposed security problem.

Element
Type
Description
attacks
string[]

A list of related attack IDs.

The RelatedContainerList object

A list of related container images.

Element
Type
Description
containerImages

A list of related container images.

The RelatedContainerImage object

Related container image of a security problem.

Element
Type
Description
affectedEntities
string[]

A list of affected entities.

imageId
string

The image ID of the related container image.

imageName
string

The image name of the related container image.

numberOfAffectedEntities
integer

The number of affected entities.

The RelatedEntitiesList object

A list of related entities of the security problem.

A related entity is a monitored entity that is directly or indirectly related to an affected entity (for example, it could be a host where an affected process runs).

Each related entity contains a list of corresponding affected entities (for example, an affected process running on this host).

Element
Type
Description
applications

A list of related applications.

databases
string[]

A list of related databases.

hosts

A list of related hosts.

kubernetesClusters

A list of related Kubernetes clusters.

kubernetesWorkloads

A list of related Kubernetes workloads.

services

A list of related services.

The RelatedEntity object

An entity related to a security problem.

Element
Type
Description
affectedEntities
string[]

A list of affected entities related to the entity.

id
string

The Dynatrace entity ID of the entity.

numberOfAffectedEntities
integer

The number of affected entities related to the entity.

The RelatedService object

A service related to a security problem.

Element
Type
Description
affectedEntities
string[]

A list of affected entities related to the entity.

exposure
string

The level of exposure of the service.

  • NOT_AVAILABLE
  • NOT_DETECTED
  • PUBLIC_NETWORK
id
string

The Dynatrace entity ID of the entity.

numberOfAffectedEntities
integer

The number of affected entities related to the entity.

The RiskAssessmentDetails object

Risk assessment of a security problem.

Element
Type
Description
assessmentAccuracy
string

The accuracy of the assessment.

  • FULL
  • NOT_AVAILABLE
  • REDUCED
assessmentAccuracyDetails

The assessment accuracy details.

baseRiskLevel
string

The risk level from the CVSS score.

  • CRITICAL
  • HIGH
  • LOW
  • MEDIUM
  • NONE
baseRiskScore
number

The risk score (1-10) from the CVSS score.

baseRiskVector
string

The original attack vector of the CVSS assessment.

dataAssets
string

The reachability of related data assets by affected entities.

  • NOT_AVAILABLE
  • NOT_DETECTED
  • REACHABLE
exposure
string

The level of exposure of affected entities.

  • NOT_AVAILABLE
  • NOT_DETECTED
  • PUBLIC_NETWORK
publicExploit
string

The availability status of public exploits.

  • AVAILABLE
  • NOT_AVAILABLE
riskLevel
string

The Davis risk level.

It is calculated by Dynatrace on the basis of CVSS score.

  • CRITICAL
  • HIGH
  • LOW
  • MEDIUM
  • NONE
riskScore
number

The Davis risk score (1-10).

It is calculated by Dynatrace on the basis of CVSS score.

riskVector
string

The attack vector calculated by Dynatrace based on the CVSS attack vector.

vulnerableFunctionRestartRequired
boolean

Whether a restart is required for new vulnerable function data.

vulnerableFunctionUsage
string

The state of vulnerable code execution.

  • IN_USE
  • NOT_AVAILABLE
  • NOT_IN_USE

The AssessmentAccuracyDetails object

The assessment accuracy details.

Element
Type
Description
reducedReasons
string[]

The reason for a reduced accuracy of the assessment.

  • LIMITED_AGENT_SUPPORT
  • LIMITED_BY_CONFIGURATION

The VulnerableComponent object

Vulnerable component of a security problem.

Element
Type
Description
affectedEntities
string[]

A list of affected entities.

displayName
string

The display name of the vulnerable component.

fileName
string

The file name of the vulnerable component.

id
string

The Dynatrace entity ID of the vulnerable component.

numberOfAffectedEntities
integer

The number of affected entities.

shortName
string

The short, component-only name of the vulnerable component.

Response body JSON model

{
  "affectedEntities": [
    "string"
  ],
  "codeLevelVulnerabilityDetails": {
    "processGroupIds": [
      "string"
    ],
    "processGroups": [
      "string"
    ],
    "shortVulnerabilityLocation": "string",
    "type": "CMD_INJECTION",
    "vulnerabilityLocation": "string",
    "vulnerableFunction": "string",
    "vulnerableFunctionInput": {
      "inputSegments": [
        {
          "type": "MALICIOUS_INPUT",
          "value": "string"
        }
      ],
      "type": "COMMAND"
    }
  },
  "cveIds": [
    "string"
  ],
  "description": "string",
  "displayId": "string",
  "entryPoints": {
    "items": [
      {
        "sourceHttpPath": "string",
        "usageSegments": [
          {
            "segmentType": "MALICIOUS_INPUT",
            "segmentValue": "string",
            "sourceArgumentName": "string",
            "sourceType": "HTTP_BODY"
          }
        ]
      }
    ],
    "truncated": true
  },
  "events": [
    {
      "muteState": {
        "comment": "string",
        "reason": "AFFECTED",
        "user": "string"
      },
      "reason": "ASSESSMENT_CHANGED",
      "riskAssessmentSnapshot": {
        "baseRiskScore": 1,
        "changes": {
          "deltaBaseRiskScore": 1,
          "deltaNumberOfAffectedNodes": 1,
          "deltaNumberOfAffectedProcessGroups": 1,
          "deltaNumberOfReachableDataAssets": 1,
          "deltaNumberOfRelatedAttacks": 1,
          "deltaRiskScore": 1,
          "previousExposure": "NOT_AVAILABLE",
          "previousPublicExploit": "AVAILABLE",
          "previousVulnerableFunctionUsage": "IN_USE"
        },
        "exposure": "NOT_AVAILABLE",
        "numberOfAffectedEntities": 1,
        "numberOfAffectedNodes": 1,
        "numberOfAffectedProcessGroups": 1,
        "numberOfReachableDataAssets": 1,
        "numberOfRelatedAttacks": 1,
        "publicExploit": "AVAILABLE",
        "riskLevel": "CRITICAL",
        "riskScore": 1,
        "vulnerableFunctionUsage": "IN_USE"
      },
      "timestamp": 1
    }
  ],
  "exposedEntities": [
    "string"
  ],
  "externalVulnerabilityId": "string",
  "filteredCounts": {
    "affectedNodes": 1,
    "affectedProcessGroupInstances": 1,
    "affectedProcessGroups": 1,
    "exposedProcessGroups": 1,
    "reachableDataAssets": 1,
    "relatedApplications": 1,
    "relatedAttacks": 1,
    "relatedDatabases": 1,
    "relatedHosts": 1,
    "relatedKubernetesClusters": 1,
    "relatedKubernetesWorkloads": 1,
    "relatedServices": 1,
    "vulnerableComponents": 1
  },
  "firstSeenTimestamp": 1,
  "globalCounts": {
    "affectedNodes": 1,
    "affectedProcessGroupInstances": 1,
    "affectedProcessGroups": 1,
    "exposedProcessGroups": 1,
    "reachableDataAssets": 1,
    "relatedApplications": 1,
    "relatedAttacks": 1,
    "relatedHosts": 1,
    "relatedKubernetesClusters": 1,
    "relatedKubernetesWorkloads": 1,
    "relatedServices": 1,
    "vulnerableComponents": 1
  },
  "lastOpenedTimestamp": 1,
  "lastResolvedTimestamp": 1,
  "lastUpdatedTimestamp": 1,
  "managementZones": [
    {
      "id": "string",
      "name": "string"
    }
  ],
  "muteStateChangeInProgress": true,
  "muted": true,
  "packageName": "string",
  "reachableDataAssets": [
    "string"
  ],
  "relatedAttacks": {
    "attacks": [
      "string"
    ]
  },
  "relatedContainerImages": {
    "containerImages": [
      {
        "affectedEntities": [
          "string"
        ],
        "imageId": "string",
        "imageName": "string",
        "numberOfAffectedEntities": 1
      }
    ]
  },
  "relatedEntities": {
    "applications": [
      {
        "affectedEntities": [
          "string"
        ],
        "id": "string",
        "numberOfAffectedEntities": 1
      }
    ],
    "databases": [
      "string"
    ],
    "hosts": [
      {}
    ],
    "kubernetesClusters": [
      {}
    ],
    "kubernetesWorkloads": [
      {}
    ],
    "services": [
      {
        "affectedEntities": [
          "string"
        ],
        "exposure": "NOT_AVAILABLE",
        "id": "string",
        "numberOfAffectedEntities": 1
      }
    ]
  },
  "remediationDescription": "string",
  "riskAssessment": {
    "assessmentAccuracy": "FULL",
    "assessmentAccuracyDetails": {
      "reducedReasons": [
        "LIMITED_AGENT_SUPPORT"
      ]
    },
    "baseRiskLevel": "CRITICAL",
    "baseRiskScore": 1,
    "baseRiskVector": "string",
    "dataAssets": "NOT_AVAILABLE",
    "exposure": "NOT_AVAILABLE",
    "publicExploit": "AVAILABLE",
    "riskLevel": "CRITICAL",
    "riskScore": 1,
    "riskVector": "string",
    "vulnerableFunctionRestartRequired": true,
    "vulnerableFunctionUsage": "IN_USE"
  },
  "securityProblemId": "string",
  "status": "OPEN",
  "technology": "DOTNET",
  "title": "string",
  "url": "string",
  "vulnerabilityType": "CODE_LEVEL",
  "vulnerableComponents": [
    {
      "affectedEntities": [
        "string"
      ],
      "displayName": "string",
      "fileName": "string",
      "id": "string",
      "numberOfAffectedEntities": 1,
      "shortName": "string"
    }
  ]
}

Example

Query the details and risk assessment of a specific vulnerability.

Required filter: fields=%2BriskAssessment.

Curl

curl -X 'GET' 'https://mySampleEnv.live.dynatrace.com/api/v2/securityProblems/7412525767433554374?fields=%2BriskAssessment' \
-H 'accept: application/json; charset=utf-8' \
-H 'Authorization: Api-Token [your_token]'

Request URL

https://mySampleEnv.live.dynatracelabs.com/api/v2/securityProblems/7412525767433554374?fields=%2BriskAssessment

Response body

{
  "securityProblemId": "7412525767433554374",
  "displayId": "S-4073",
  "status": "OPEN",
  "muted": false,
  "externalVulnerabilityId": "SNYK-JS-MINIMATCH-3050818",
  "vulnerabilityType": "THIRD_PARTY",
  "title": "Regular Expression Denial of Service (ReDoS)",
  "packageName": "minimatch",
  "url": "https://demo.dev.dynatracelabs.com/ui/security/problem/7412525767433554374",
  "technology": "NODE_JS",
  "firstSeenTimestamp": 1666080124915,
  "lastUpdatedTimestamp": 1727156677302,
  "lastOpenedTimestamp": 1726497786003,
  "riskAssessment": {
    "riskLevel": "MEDIUM",
    "riskScore": 5.3,
    "riskVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/MC:N/MI:N",
    "baseRiskLevel": "MEDIUM",
    "baseRiskScore": 5.3,
    "baseRiskVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
    "exposure": "PUBLIC_NETWORK",
    "dataAssets": "REACHABLE",
    "publicExploit": "NOT_AVAILABLE",
    "vulnerableFunctionUsage": "NOT_AVAILABLE",
    "assessmentAccuracy": "FULL",
    "assessmentAccuracyDetails": {
      "reducedReasons": []
    },
    "vulnerableFunctionRestartRequired": false
  },
  "cveIds": [
    "CVE-2022-3517"
  ],
  "muteStateChangeInProgress": false
}
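The request and response above, as an added Python example (not Dynatrace code): it builds the URL with the fields, managementZoneFilter and from parameters percent-encoded, and reduces a riskAssessment to the signals a triage queue would sort on. The function names, the output keys of triage, and the choice of which values count as raising priority are assumptions of this example; SAMPLE is trimmed from the response body shown on this page.

```python
import json
import urllib.parse
import urllib.request

# Optional properties from the `fields` parameter description on this page.
OPTIONAL_FIELDS = {
    "riskAssessment", "managementZones", "codeLevelVulnerabilityDetails",
    "globalCounts", "filteredCounts", "description", "remediationDescription",
    "events", "vulnerableComponents", "affectedEntities", "exposedEntities",
    "reachableDataAssets", "relatedEntities", "relatedContainerImages",
    "relatedAttacks", "entryPoints",
}

# Trimmed copy of the example response body shown on this page.
SAMPLE = {
    "displayId": "S-4073", "status": "OPEN", "muted": False,
    "cveIds": ["CVE-2022-3517"],
    "riskAssessment": {
        "riskLevel": "MEDIUM", "riskScore": 5.3, "assessmentAccuracy": "FULL",
        "exposure": "PUBLIC_NETWORK", "dataAssets": "REACHABLE",
        "publicExploit": "NOT_AVAILABLE", "vulnerableFunctionUsage": "NOT_AVAILABLE",
    },
}


def build_url(base_url, problem_id, fields=(), mz_names=(), time_from=None):
    """Build the request URL with every caller-supplied part percent-encoded."""
    unknown = set(fields) - OPTIONAL_FIELDS
    if unknown:
        raise ValueError(f"unsupported fields: {sorted(unknown)}")
    if any('"' in name for name in mz_names):
        raise ValueError("management zone names must not contain a double quote")
    query = {}
    if fields:
        # '+' prefixes each property and must travel as %2B: a raw '+' in a
        # query string is commonly decoded as a space.
        query["fields"] = ",".join("+" + f for f in fields)
    if mz_names:
        zones = ",".join(f'"{n}"' for n in mz_names)  # values must be quoted
        query["managementZoneFilter"] = f"names({zones})"
    if time_from:
        query["from"] = time_from
    # safe="" also encodes '/', so the ID cannot change the request path.
    path = "/api/v2/securityProblems/" + urllib.parse.quote(problem_id, safe="")
    qs = urllib.parse.urlencode(query, quote_via=urllib.parse.quote)
    return base_url.rstrip("/") + path + ("?" + qs if qs else "")


def fetch(url, token):
    """GET the problem using the Api-Token header from the curl example."""
    req = urllib.request.Request(url, headers={
        "accept": "application/json; charset=utf-8",
        "Authorization": "Api-Token " + token,
    })
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def triage(problem):
    """Summarise the riskAssessment signals that drive remediation priority."""
    ra = problem.get("riskAssessment") or {}  # absent unless +riskAssessment was requested
    signals = {"exposure": "PUBLIC_NETWORK", "dataAssets": "REACHABLE",
               "publicExploit": "AVAILABLE", "vulnerableFunctionUsage": "IN_USE"}
    return {
        "id": problem.get("displayId"),
        "cves": problem.get("cveIds", []),
        "actionable": problem.get("status") == "OPEN" and not problem.get("muted"),
        "davis": (ra.get("riskLevel"), ra.get("riskScore")),
        "reduced_accuracy": ra.get("assessmentAccuracy") == "REDUCED",
        "raised_by": [k for k, v in signals.items() if ra.get(k) == v],
    }


if __name__ == "__main__":
    print(triage(SAMPLE))
```

Pass the token to fetch from a secret store or environment variable rather than a literal, and scope it to securityProblems.read only.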