global_advisories
Creates, updates, deletes, gets or lists a global_advisories resource.
Overview
| Name | global_advisories |
| Type | Resource |
| Id | github.security_advisories.global_advisories |
Fields
The following fields are returned by SELECT queries:
- get_global_advisory
- list_global_advisories
Response
| Name | Datatype | Description |
|---|---|---|
cve_id | string | The Common Vulnerabilities and Exposures (CVE) ID. |
ghsa_id | string | The GitHub Security Advisory ID. |
credits | array | The users who contributed to the advisory. |
cvss | object | |
cvss_severities | object | |
cwes | array | |
description | string | A detailed description of what the advisory entails. |
epss | object | The EPSS scores as calculated by the Exploit Prediction Scoring System. |
github_reviewed_at | string (date-time) | The date and time of when the advisory was reviewed by GitHub, in ISO 8601 format. |
html_url | string (uri) | The URL for the advisory. |
identifiers | array | |
nvd_published_at | string (date-time) | The date and time when the advisory was published in the National Vulnerability Database, in ISO 8601 format. This field is only populated when the advisory is imported from the National Vulnerability Database. |
published_at | string (date-time) | The date and time of when the advisory was published, in ISO 8601 format. |
references | array | |
repository_advisory_url | string (uri) | The API URL for the repository advisory. |
severity | string | The severity of the advisory. (critical, high, medium, low, unknown) |
source_code_location | string (uri) | The URL of the advisory's source code. |
summary | string | A short summary of the advisory. |
type | string | The type of advisory. (reviewed, unreviewed, malware) |
updated_at | string (date-time) | The date and time of when the advisory was last updated, in ISO 8601 format. |
url | string | The API URL for the advisory. |
vulnerabilities | array | The products and respective version ranges affected by the advisory. |
withdrawn_at | string (date-time) | The date and time of when the advisory was withdrawn, in ISO 8601 format. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get_global_advisory | select | ghsa_id | | Gets a global security advisory using its GitHub Security Advisory (GHSA) identifier. |
list_global_advisories | select | | ghsa_id, type, cve_id, ecosystem, severity, cwes, is_withdrawn, affects, published, updated, modified, epss_percentage, epss_percentile, before, after, direction, per_page, sort | Lists all global security advisories that match the specified parameters. If no other parameters are defined, the request will return only GitHub-reviewed advisories that are not malware. By default, all responses will exclude advisories for malware, because malware are not standard vulnerabilities. To list advisories for malware, you must include the type parameter in your request, with the value malware. For more information about the different types of security advisories, see "About the GitHub Advisory database." |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
ghsa_id | string | The GHSA (GitHub Security Advisory) identifier of the advisory. |
affects | | If specified, only return advisories that affect any of package or package@version. A maximum of 1000 packages can be specified. If the query parameter causes the URL to exceed the maximum URL length supported by your client, you must specify fewer packages. Example: affects=package1,package2@1.0.0,package3@2.0.0 or affects[]=package1&affects[]=package2@1.0.0 |
after | string | A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API." |
before | string | A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API." |
cve_id | string | If specified, only advisories with this CVE (Common Vulnerabilities and Exposures) identifier will be returned. |
cwes | | If specified, only advisories with these Common Weakness Enumerations (CWEs) will be returned. Example: cwes=79,284,22 or cwes[]=79&cwes[]=284&cwes[]=22 |
direction | string | The direction to sort the results by. |
ecosystem | string | If specified, only advisories for these ecosystems will be returned. |
epss_percentage | string | If specified, only return advisories that have an EPSS percentage score that matches the provided value. The EPSS percentage represents the likelihood of a CVE being exploited. |
epss_percentile | string | If specified, only return advisories that have an EPSS percentile score that matches the provided value. The EPSS percentile represents the relative rank of the CVE's likelihood of being exploited compared to other CVEs. |
ghsa_id | string | If specified, only advisories with this GHSA (GitHub Security Advisory) identifier will be returned. |
is_withdrawn | boolean | Whether to only return advisories that have been withdrawn. |
modified | string | If specified, only show advisories that were updated or published on a date or date range. For more information on the syntax of the date range, see "Understanding the search syntax." |
per_page | integer | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
published | string | If specified, only return advisories that were published on a date or date range. For more information on the syntax of the date range, see "Understanding the search syntax." |
severity | string | If specified, only advisories with these severities will be returned. |
sort | string | The property to sort the results by. |
type | string | If specified, only advisories of this type will be returned. By default, a request with no other parameters defined will only return reviewed advisories that are not malware. |
updated | string | If specified, only return advisories that were updated on a date or date range. For more information on the syntax of the date range, see "Understanding the search syntax." |
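
The `affects` limits in the table above (at most 1000 packages, and a value short enough for the client's URL length) mean a full dependency list usually has to be split across several `list_global_advisories` queries. The Python helper below is an added example, not part of the StackQL provider or of this page's original code; the character budget, the token allow-list and the sample package names are assumptions.

```python
import re

MAX_PACKAGES = 1000     # limit stated in the affects parameter description
MAX_VALUE_CHARS = 6000  # assumed budget for the affects value; tune to your client's URL limit

# Assumed allow-list for package / package@version tokens: no quotes, commas or
# whitespace, so a token cannot split the list or escape the SQL string literal.
_TOKEN = re.compile(r"[A-Za-z0-9@/._:+~-]+")

def affects_token(name, version=None):
    """Return 'name' or 'name@version', rejecting characters outside the allow-list."""
    token = f"{name}@{version}" if version else name
    if not _TOKEN.fullmatch(token):
        raise ValueError(f"unsafe package token: {token!r}")
    return token

def batch_affects(deps, max_packages=MAX_PACKAGES, max_chars=MAX_VALUE_CHARS):
    """Split (name, version) pairs into comma-joined values that respect both limits."""
    batches, current, length = [], [], 0
    for name, version in deps:
        token = affects_token(name, version)
        added = len(token) + (1 if current else 0)  # +1 for the joining comma
        if current and (len(current) >= max_packages or length + added > max_chars):
            batches.append(",".join(current))
            current, length, added = [], 0, len(token)
        current.append(token)
        length += added
    if current:
        batches.append(",".join(current))
    return batches

def build_query(affects_value, ecosystem):
    """Render one list_global_advisories SELECT for a single affects batch."""
    if not re.fullmatch(r"[a-z]+", ecosystem):
        raise ValueError(f"unexpected ecosystem: {ecosystem!r}")
    for token in affects_value.split(","):
        affects_token(token)  # re-validate before interpolating into the literal
    return (
        "SELECT ghsa_id, cve_id, severity, summary, withdrawn_at, html_url\n"
        "FROM github.security_advisories.global_advisories\n"
        f"WHERE ecosystem = '{ecosystem}'\n"
        f"AND affects = '{affects_value}'\n;"
    )

# Constructed sample dependency list (names and versions are placeholders).
SAMPLE_DEPS = [("example-lib", "1.0.0"), ("@scope/example-ui", "2.3.1"), ("example-cli", None)]

if __name__ == "__main__":
    for value in batch_affects(SAMPLE_DEPS, max_packages=2):
        print(build_query(value, "npm"))
```

Each returned query covers one batch; run them in turn and merge the rows on `ghsa_id`, since the same advisory can match packages in more than one batch.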
SELECT examples
- get_global_advisory
- list_global_advisories
Gets a global security advisory using its GitHub Security Advisory (GHSA) identifier.
```sql
SELECT
  cve_id,
  ghsa_id,
  credits,
  cvss,
  cvss_severities,
  cwes,
  description,
  epss,
  github_reviewed_at,
  html_url,
  identifiers,
  nvd_published_at,
  published_at,
  references,
  repository_advisory_url,
  severity,
  source_code_location,
  summary,
  type,
  updated_at,
  url,
  vulnerabilities,
  withdrawn_at
FROM github.security_advisories.global_advisories
WHERE ghsa_id = '{{ ghsa_id }}' -- required
;
```
Lists all global security advisories that match the specified parameters. If no other parameters are defined, the request will return only GitHub-reviewed advisories that are not malware.
By default, all responses will exclude advisories for malware, because malware are not standard vulnerabilities. To list advisories for malware, you must include the type parameter in your request, with the value malware. For more information about the different types of security advisories, see "About the GitHub Advisory database."
```sql
SELECT
  cve_id,
  ghsa_id,
  credits,
  cvss,
  cvss_severities,
  cwes,
  description,
  epss,
  github_reviewed_at,
  html_url,
  identifiers,
  nvd_published_at,
  published_at,
  references,
  repository_advisory_url,
  severity,
  source_code_location,
  summary,
  type,
  updated_at,
  url,
  vulnerabilities,
  withdrawn_at
FROM github.security_advisories.global_advisories
WHERE ghsa_id = '{{ ghsa_id }}'
  AND type = '{{ type }}'
  AND cve_id = '{{ cve_id }}'
  AND ecosystem = '{{ ecosystem }}'
  AND severity = '{{ severity }}'
  AND cwes = '{{ cwes }}'
  AND is_withdrawn = '{{ is_withdrawn }}'
  AND affects = '{{ affects }}'
  AND published = '{{ published }}'
  AND updated = '{{ updated }}'
  AND modified = '{{ modified }}'
  AND epss_percentage = '{{ epss_percentage }}'
  AND epss_percentile = '{{ epss_percentile }}'
  AND before = '{{ before }}'
  AND after = '{{ after }}'
  AND direction = '{{ direction }}'
  AND per_page = '{{ per_page }}'
  AND sort = '{{ sort }}'
;
```