- Checkmarx Documentation
- Checkmarx SCA
- Checkmarx SCA (REST) API Documentation
- Checkmarx SCA (REST) APIs - APIs that will be deprecated
- Checkmarx SCA (REST) API - PUT Risk Reports Ignore Vulnerability
Checkmarx SCA (REST) API - PUT Risk Reports Ignore Vulnerability
Warning
The IgnoreVulnerability and UnignoreVulnerability APIs, which had been used for triaging SCA vulnerabilities, will be deprecated soon. They have been replaced by the new Management of Risk API, which supports applying any Checkmarx One state and adding comments. We recommend migrating to the new API soon.
Description
Marks a specific vulnerability as “Ignore” (for a specific package and Project). Ignored vulnerabilities aren’t counted towards the number of vulnerabilities identified in the Project.
Method
PUT
Workflow
After creating a Project, running a scan and reviewing the results, if you identify a specific vulnerability that does not pose a risk to your Project, use this API to mark it as Ignored.
URL
US Environment - https://api-sca.checkmarx.net/risk-management/risk-reports/IgnoreVulnerability
EU Environment - https://eu.api-sca.checkmarx.net/risk-management/risk-reports/IgnoreVulnerability
Curl Sample
curl -X PUT " https://api-sca.checkmarx.net/risk-management/risk-reports/IgnoreVulnerability" -H "accept: application/json" -d "{ "ProjectId": "1a73fc26-b7aa-4ecd-1234-d3aebfc1da21", "VulnerabilityId": "CVE-2021-25329", "PackageId": "Yarn-org.apache.tomcat.embed:tomcat-embed-core-8.5.23"}”Media Type (header)
Authorization: Bearer <access_token>
Accept: application/json
Parameters
Body Parameters - Required
Parameter | Type | Description |
|---|---|---|
ProjectId | string | The unique identifier of the Project. |
VulnerabilityId | string | The unique identifier of the vulnerability you would like to mark as “Ignore”. |
PackageId | string | The unique identifier of the package where the vulnerability was identified. |
Success Response
Code: 204 No Content
There is no body for the success response.
Error Response
Message: Message: |