curl --request GET \
  --url https://api.example.com/api/findings/{id}

{
  "success": true,
  "data": {
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "scan_id": "98765432-e89b-12d3-a456-426614174111",
    "repo_id": "11111111-e89b-12d3-a456-426614174222",
    "source": "ai",
    "status": "open",
    "severity": "high",
    "confidence": "high",
    "title": "SQL Injection vulnerability in user query",
    "description": "User input is concatenated directly into SQL query without sanitization, allowing potential SQL injection attacks.",
    "cwe_id": "CWE-89",
    "cve_id": null,
    "file_path": "src/database/queries.rs",
    "line_start": 45,
    "line_end": 47,
    "code_snippet": "let query = format!(\"SELECT * FROM users WHERE id = {}\", user_id);",
    "suggested_patch": null,
    "poc_exploit_json": null,
    "poc_validated": false,
    "fingerprint": "a7f3b9c2d1e4f5a6b7c8d9e0f1a2b3c4",
    "agent_reasoning": "The code constructs a SQL query using string formatting with unsanitized user input, creating a classic SQL injection vector.",
    "created_at": "2026-03-12T10:30:00Z",
    "updated_at": "2026-03-12T10:30:00Z"
  }
}

Retrieve a single security finding by its unique identifier

source
  ai - Detected by AI-powered analysis
  static - Found by static analysis tools
  dependencies - Identified in dependency scan

status
  open - Newly discovered, awaiting review
  confirmed - Verified as a true positive
  dismissed - Acknowledged but not prioritized
  false_positive - Determined to be incorrect
  fixed - Remediation has been applied

severity
  critical - Requires immediate attention
  high - Significant risk, prioritize remediation
  medium - Moderate risk
  low - Minor risk or informational

confidence
  high - Strong evidence supporting the finding
  medium - Moderate confidence
  low - Requires additional verification

{
  "success": false,
  "code": 404,
  "message": "Finding '123e4567-e89b-12d3-a456-426614174000' not found"
}

{
  "success": false,
  "code": 500,
  "message": "Failed to fetch finding: database connection error"
}
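
A client-side parser for the responses shown on this page, as an added example that is not part of the API's own documentation or code: it rejects the error envelopes and any enum value outside the documented sets before a finding reaches downstream tooling. `Finding`, `FindingApiError` and `parse_finding_response` are hypothetical names, and the sample bodies are constructed from the examples above.

```python
import json
from dataclasses import dataclass, fields
from typing import Optional

# Enum values as listed on this page, keyed by response field.
ALLOWED = {
    "source": {"ai", "static", "dependencies"},
    "status": {"open", "confirmed", "dismissed", "false_positive", "fixed"},
    "severity": {"critical", "high", "medium", "low"},
    "confidence": {"high", "medium", "low"},
}

class FindingApiError(Exception):
    """Raised for an error envelope ("success": false)."""
    def __init__(self, code, message):
        super().__init__(f"{code}: {message}")
        self.code, self.message = code, message

@dataclass(frozen=True)
class Finding:  # hypothetical client-side type, a subset of the response fields
    id: str
    source: str
    status: str
    severity: str
    confidence: str
    cwe_id: Optional[str]
    file_path: str
    line_start: int
    line_end: int

def parse_finding_response(body: str) -> Finding:
    """Parse a response body; reject error envelopes and undocumented enum values."""
    doc = json.loads(body)
    if doc.get("success") is not True:
        raise FindingApiError(doc.get("code"), doc.get("message", ""))
    data = doc["data"]
    for name, allowed in ALLOWED.items():
        if data.get(name) not in allowed:
            raise ValueError(f"unexpected {name}: {data.get(name)!r}")
    if data["line_start"] > data["line_end"]:
        raise ValueError("line_start is after line_end")
    return Finding(**{f.name: data[f.name] for f in fields(Finding)})

# Sample bodies constructed from the examples on this page (message shortened).
SAMPLE_OK = json.dumps({"success": True, "data": {
    "id": "123e4567-e89b-12d3-a456-426614174000", "source": "ai", "status": "open",
    "severity": "high", "confidence": "high", "cwe_id": "CWE-89",
    "file_path": "src/database/queries.rs", "line_start": 45, "line_end": 47}})
SAMPLE_404 = '{"success": false, "code": 404, "message": "Finding not found"}'
```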