Checkmarx One API - POST Predicates

Endpoint

POST /api/similarities

Description

Update the predicate info (severity, state, and comments) of a vulnerability, as specified by the Project ID and similarity ID.

Workflow

  1. Use GET /api/results, specifying a scan ID to get results of that scan, including the similarity IDs of the vulnerabilities.

  2. Use GET /api/similarities/{similarityID}/predicates to get the predicates (severity, state, and comments) of the vulnerability.

  3. Use POST /api/similarities/predicates to update the predicates (severity, state, and comments) of the vulnerability.

URL

The URL for Similarities endpoints is <base_url>/api/similarities

Curl Sample

curl -X POST "https://ast.checkmarx.net/api/similarities/predicates" -H "Authorization: Bearer <access_token>" -H "accept: */*" -H "Content-Type: application/json" -d '[{"similarityId":"-1094519905","projectId":"dad0591e-c35d-44a9-8648-198158ec6f29","severity":"HIGH","state":"TO_VERIFY","comment":"My new comment."}]'

Media Type (header)

Authorization: Bearer <access_token>

Accept: application/json

Parameters

Body Parameters

“*” indicates a required parameter

| Parameter | Type | Enums | Description |
| --- | --- | --- | --- |
| similarityId* | string | - | The unique identifier of a specific instance of a vulnerability. |
| projectId | string | - | The unique identifier of the Project. |
| severity | string | HIGH, MEDIUM, LOW, INFO | Specify the severity of the vulnerability. A severity level is automatically associated with each result based on the vulnerability that was discovered. You can specify a new severity level for this vulnerability instance. |
| state | string | TO_VERIFY, NOT_EXPLOITABLE, PROPOSED_NOT_EXPLOITABLE, CONFIRMED, URGENT | Specify the current state of this vulnerability. The initial state of all new vulnerabilities is automatically set as TO_VERIFY. You can specify a new State based on your assessment of this vulnerability instance. |
| comment | string | - | You can add a comment, describing why the state or severity was changed. Max length: 1024 |
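The following is an added example, not code from Checkmarx: it validates predicate updates against the parameter table above and builds (without sending) the POST request, so invalid enums or oversized comments are caught before a triage change reaches the API. The function names are hypothetical, and the rule that dismissing states must carry a comment is a local audit policy assumed here, not an API requirement.

```python
import json
import urllib.request

# Enum values and the comment limit are taken from the parameter table above.
SEVERITIES = {"HIGH", "MEDIUM", "LOW", "INFO"}
STATES = {"TO_VERIFY", "NOT_EXPLOITABLE", "PROPOSED_NOT_EXPLOITABLE",
          "CONFIRMED", "URGENT"}
MAX_COMMENT = 1024
# Local policy (assumption, not an API rule): states that dismiss a finding
# must carry a comment so the triage decision is auditable.
DISMISSING = {"NOT_EXPLOITABLE", "PROPOSED_NOT_EXPLOITABLE"}


def build_predicate(similarity_id, project_id=None, severity=None,
                    state=None, comment=None):
    """Validate one predicate update and return it as a dict."""
    if not isinstance(similarity_id, str) or not similarity_id:
        raise ValueError("similarityId is required and must be a string")
    if severity is not None and severity not in SEVERITIES:
        raise ValueError(f"invalid severity: {severity!r}")
    if state is not None and state not in STATES:
        raise ValueError(f"invalid state: {state!r}")
    if comment is not None and len(comment) > MAX_COMMENT:
        raise ValueError("comment exceeds max length 1024")
    if state in DISMISSING and not (comment or "").strip():
        raise ValueError(f"{state} requires a comment (local policy)")
    fields = {"similarityId": similarity_id, "projectId": project_id,
              "severity": severity, "state": state, "comment": comment}
    return {k: v for k, v in fields.items() if v is not None}


def build_request(base_url, access_token, predicates):
    """Return an unsent POST request whose body is a JSON array of predicates."""
    body = json.dumps([build_predicate(**p) for p in predicates]).encode()
    return urllib.request.Request(
        f"{base_url}/api/similarities/predicates", data=body, method="POST",
        headers={"Authorization": f"Bearer {access_token}",
                 "Content-Type": "application/json",
                 "Accept": "application/json"})


# Constructed sample input reusing the IDs from the curl sample above.
SAMPLE = [{"similarity_id": "-1094519905",
           "project_id": "dad0591e-c35d-44a9-8648-198158ec6f29",
           "severity": "HIGH", "state": "TO_VERIFY",
           "comment": "My new comment."}]

if __name__ == "__main__":
    req = build_request("https://ast.checkmarx.net", "<access_token>", SAMPLE)
    print(req.get_method(), req.full_url)
    print(req.data.decode())
```

Pass the returned request to `urllib.request.urlopen` to send it; the page documents status 201 with no body on success.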

Success Response

Code: 201 successful operation

There is no body for the success response.

Error Responses: