# Issues#ListIssues List a collection of Security Issues Endpoint: GET /sto/api/v2/issues Version: 1.0 Security: ## Query parameters: - `accountId` (string, required) Harness Account ID Example: "abcdef1234567890ghijkl" - `page` (integer) Page number to fetch (starting from 0) Example: 4 - `pageSize` (integer) Number of results per page Example: 50 - `productId` (string) Issue product ID Example: "abcdef1234567890ghijkl" - `key` (string) Compression/deduplication key Example: "json-schema@0.2.3" - `excludeOccurrences` (boolean) Example: true ## Header parameters: - `X-Api-Key` (string) Harness personal or service access token Example: "Beatae nihil quod et quis quae accusamus." ## Response 200 fields (application/json): - `pagination` (object, required) Example: {"link":"","page":4,"pageSize":20,"totalItems":230,"totalPages":12} - `pagination.link` (string) Link-based paging - `pagination.page` (integer, required) Page number (starting from 0) Example: 4 - `pagination.pageSize` (integer, required) Requested page size Example: 20 - `pagination.totalItems` (integer, required) Total results available Example: 230 - `pagination.totalPages` (integer, required) Total pages available Example: 12 - `results` (array, required) Example: [{"baseImageName":"baseImageName","baselineVariantId":"abcdef1234567890ghijkl","created":1651578240,"currentStatus":"Expired","details":{"package":"json-schema","version":"v0.2.3"},"exemptionCoverage":"Partially Exempted","exemptionId":"abcdef1234567890ghijkl","exemptionStatusAtScan":"Approved","harnessAugmentation":{"Est maxime maiores vero ipsa.":"Consequatur nesciunt voluptates velit expedita.","Molestiae aut voluptates.":"Ut ab illum rerum."},"id":"abcdef1234567890ghijkl","key":"json-schema@0.2.3","numOccurrences":10,"occurrenceId":12345,"occurrences":[{"line":"42"},{"line":"666"}],"originStatus":"approved","origins":["app","base"],"productId":"product1234567890abcde","severity":8.5,"severityCode":"High","status":"Remediated","subproduct":"product","targetId":"abcdef1234567890ghijkl","targetName":"abcdef1234567890ghijkl","targetType":"repository","targetVariantId":"abcdef1234567890ghijkl","targetVariantName":"nodegoat:master","title":"json-schema@0.2.3 is vulnerable to Prototype Pollution","type":"SAST"},{"baseImageName":"baseImageName","baselineVariantId":"abcdef1234567890ghijkl","created":1651578240,"currentStatus":"Expired","details":{"package":"json-schema","version":"v0.2.3"},"exemptionCoverage":"Partially Exempted","exemptionId":"abcdef1234567890ghijkl","exemptionStatusAtScan":"Approved","harnessAugmentation":{"Est maxime maiores vero ipsa.":"Consequatur nesciunt voluptates velit expedita.","Molestiae aut voluptates.":"Ut ab illum rerum."},"id":"abcdef1234567890ghijkl","key":"json-schema@0.2.3","numOccurrences":10,"occurrenceId":12345,"occurrences":[{"line":"42"},{"line":"666"}],"originStatus":"approved","origins":["app","base"],"productId":"product1234567890abcde","severity":8.5,"severityCode":"High","status":"Remediated","subproduct":"product","targetId":"abcdef1234567890ghijkl","targetName":"abcdef1234567890ghijkl","targetType":"repository","targetVariantId":"abcdef1234567890ghijkl","targetVariantName":"nodegoat:master","title":"json-schema@0.2.3 is vulnerable to Prototype Pollution","type":"SAST"}] - `results.baseImageName` (string) base image name of the issue Example: "baseImageName" - `results.baselineVariantId` (string) The Baseline Target Variant related to this Security Issue Example: "abcdef1234567890ghijkl" - `results.created` (integer, required) Unix timestamp at which the resource was created Example: 1651578240 - `results.currentStatus` (string) Current status of the Exemption Enum: "Pending", "Approved", "Rejected", "Expired" - `results.details` (object, required) Issue details common to all occurrences Example: {"package":"json-schema","version":"v0.2.3"} - `results.exemptionCoverage` (string) Indicates if the Security Issue was found to be Exempted, Partially Exempted. Example: "Partially Exempted" - `results.exemptionId` (string) ID of the associated Exemption Example: "abcdef1234567890ghijkl" - `results.exemptionStatusAtScan` (string) Exemption's status at the Security Scan created time Enum: "Pending", "Approved", "Rejected", "Expired" - `results.harnessAugmentation` (object) Harness Augmentation details Example: {"Est modi quis nam ipsam at.":"Provident dolores molestiae eos magnam."} - `results.id` (string, required) Resource identifier Example: "abcdef1234567890ghijkl" - `results.key` (string, required) Compression/deduplication key Example: "json-schema@0.2.3" - `results.numOccurrences` (integer) Indicates the number of Occurrences on the Issue Example: 10 - `results.occurrenceId` (integer) Example: 12345 - `results.occurrences` (array) Array of details unique to each occurrence Example: [{"line":"42"},{"line":"666"}] - `results.originStatus` (string) The status of the origin, either 'approved' or 'unapproved' Example: "approved" - `results.origins` (array) The origins of the issue Example: ["app","base"] - `results.productId` (string, required) The scan tool that identified this Security Issue Example: "product1234567890abcde" - `results.severity` (number, required) Numeric severity, from 0 (lowest) to 10 (highest) Example: 8.5 - `results.severityCode` (string, required) Severity code Enum: "Critical", "High", "Medium", "Low", "Info", "Unassigned" - `results.status` (string) Indicates if the Security Issue was found to be remediated, ignored, etc. Enum: "Remediated", "Compensating Controls", "Acceptable Use", "Acceptable Risk", "False Positive", "Fix Unavailable", "Exempted" - `results.subproduct` (string) The subproduct that identified this Security Issue Example: "product" - `results.targetId` (string) The Target that this Security Issue affects Example: "abcdef1234567890ghijkl" - `results.targetName` (string) The Name of the Target that this Security Issue affects Example: "abcdef1234567890ghijkl" - `results.targetType` (string) The type of the Target that this Security Issue affects Enum: "container", "repository", "instance", "configuration" - `results.targetVariantId` (string) The Target Variant that this Security Issue affects Example: "abcdef1234567890ghijkl" - `results.targetVariantName` (string) Name of the associated Target and Variant Example: "nodegoat:master" - `results.title` (string, required) Title of the Security Issue Example: "json-schema@0.2.3 is vulnerable to Prototype Pollution" - `results.type` (string) The type of vulnerability or quality issue for this Issue Enum: "SAST", "DAST", "SCA", "IAC", "SECRET", "MISCONFIG", "BUG_SMELLS", "CODE_SMELLS", "CODE_COVERAGE", "EXTERNAL_POLICY" ## Response 400 fields (application/json): - `message` (string, required) Example: "Not Found" - `status` (integer) Example: 404 ## Response 401 fields (application/json): - `message` (string, required) Example: "Not Found" - `status` (integer) Example: 404 ## Response 403 fields (application/json): - `message` (string, required) Example: "Not Found" - `status` (integer) Example: 404 ## Response 404 fields (application/json): - `message` (string, required) Example: "Not Found" - `status` (integer) Example: 404 ## Response 429 fields (application/json): - `message` (string, required) Example: "Not Found" - `status` (integer) Example: 404 ## Response 500 fields (application/json): - `message` (string, required) Example: "Not Found" - `status` (integer) Example: 404