JQL vulnerability search

Advanced search makes it easy for your team to find and track vulnerabilities across your issues. Add vulnerability properties to your Jira Query Language (JQL) queries to refine your issue search results. Learn more about using advanced search with JQL.

Vulnerability properties

You can search for vulnerabilities based on these properties:

  • vulnerability[status]

  • vulnerability[severity]

  • vulnerability[type]

  • vulnerability[provider]

  • vulnerability[totalCount]

  • vulnerability[lastUpdated]

  • vulnerability[introducedDate]

  • vulnerability[displayName]

  • vulnerability[identifiers]

  • vulnerability[additionalInfoContent]

For example, if you wanted to find all issues with a vulnerability, you would add vulnerability[totalCount] > 0 to your JQL query.


vulnerability[status]

Syntax

vulnerability[status]

Field Type

TEXT

Auto-complete

No

Supported operators

=, !=, IN, NOT IN

Unsupported operators

~, !~, >, >=, <, <=, IS, IS NOT, WAS, WAS IN, WAS NOT, WAS NOT IN, CHANGED

Supported values

OPEN, IGNORED, CLOSED, UNKNOWN

Examples

vulnerability[status] = OPEN

  • Searches issues with ‘open’ vulnerabilities.

vulnerability[status] != CLOSED

  • Add an exclamation mark (!) to your query to search for issues that do not have vulnerabilities marked as ‘closed’.

vulnerability[status] IN ("IGNORED")

  • Searches issues with ‘ignored’ vulnerabilities.

vulnerability[status] NOT IN ("UNKNOWN")

  • Searches issues that do not have vulnerabilities marked as ‘unknown’.

vulnerability[status] = "OPEN" AND Sprint NOT IN (openSprints(), futureSprints()) AND status != CLOSED

  • Extend your query to search for issues with vulnerabilities marked as "OPEN" that are still in the backlog.


vulnerability[severity]

Syntax

vulnerability[severity]

Field Type

TEXT

Auto-complete

No

Supported operators

=, !=, IN, NOT IN

Unsupported operators

~, !~, >, >=, <, <=, IS, IS NOT, WAS, WAS IN, WAS NOT, WAS NOT IN, CHANGED

Supported values

CRITICAL, HIGH, MEDIUM, LOW

Examples

vulnerability[severity] = CRITICAL

  • Searches issues with ‘critical’ severity vulnerabilities.

vulnerability[severity] = HIGH

  • Searches issues with ‘high’ severity vulnerabilities.

vulnerability[severity] = MEDIUM

  • Searches issues with ‘medium’ severity vulnerabilities.

vulnerability[severity] = LOW

  • Searches issues with 'low' severity vulnerabilities.

vulnerability[severity] IN ("CRITICAL", "HIGH") AND Sprint NOT IN (openSprints(), futureSprints()) AND status != CLOSED

  • Extend your query to search for ‘critical’ and ‘high’ severity vulnerabilities that are still in the backlog.


vulnerability[type]

Syntax

vulnerability[type]

Field Type

TEXT

Auto-complete

No

Supported operators

=, !=, IN, NOT IN

Unsupported operators

~, !~, >, >=, <, <=, IS, IS NOT, WAS, WAS IN, WAS NOT, WAS NOT IN, CHANGED

Examples

vulnerability[type] = SAST

  • Searches vulnerabilities identified through Static Application Security Testing (SAST).

vulnerability[type] = SCA

  • Searches vulnerabilities identified through Software Composition Analysis (SCA).

vulnerability[type] != DAST

  • Searches vulnerabilities not identified through Dynamic Application Security Testing (DAST).


vulnerability[provider]

Syntax

vulnerability[provider]

Field Type

TEXT

Auto-complete

No. The latest 15 provider values will be displayed.

Supported operators

=, !=, IN, NOT IN

Unsupported operators

~, !~, >, >=, <, <=, IS, IS NOT, WAS, WAS IN, WAS NOT, WAS NOT IN, CHANGED

Examples

vulnerability[provider] = 'snyk.in.jira'

  • Searches vulnerabilities by the provider 'snyk.in.jira'.

vulnerability[provider] IN ('snyk.in.jira', 'stackhawk-jira-connect-app')

  • Searches vulnerability entries by providers, either 'snyk.in.jira' or ‘stackhawk-jira-connect-app’.


vulnerability[totalCount]

Syntax

vulnerability[totalCount]

Field Type

NUMBER

Auto-complete

No

Supported operators

=, >, >=, <, <=

Unsupported operators

~, !~, !=, IN, NOT IN, IS, IS NOT, WAS, WAS IN, WAS NOT, WAS NOT IN, CHANGED

Examples

vulnerability[totalCount] < 2

  • Searches issues that have fewer than 2 vulnerabilities.

vulnerability[totalCount] >= 2

  • Searches issues that have 2 or more vulnerabilities.


vulnerability[lastUpdated]

Syntax

vulnerability[lastUpdated]

Field Type

TEXT

Valid formats:

  • "yyyy/MM/dd HH:mm"

  • "yyyy-MM-dd HH:mm"

  • "yyyy/MM/dd"

  • "yyyy-MM-dd"

  • m, h, d, w (minutes, hours, days, weeks)

    • e.g. -59m, -8h, 3w 2d

Auto-complete

No

Supported operators

>, >=, <, <=

Unsupported operators

=, ~, !~, !=, IN, NOT IN, IS, IS NOT, WAS, WAS IN, WAS NOT, WAS NOT IN, CHANGED

Examples

vulnerability[lastUpdated] >= -8h

  • Searches vulnerabilities that were updated within the last 8 hours.

vulnerability[lastUpdated] > "2024-01-01 00:00"

  • Searches vulnerabilities that were updated after 12:00 a.m. on January 1, 2024.

vulnerability[lastUpdated] >= "2023-12-01" and vulnerability[lastUpdated] <= "2023-12-31"

  • Searches vulnerabilities that were updated between December 1 and 31, 2023.


vulnerability[introducedDate]

Syntax

vulnerability[introducedDate]

Field Type

TEXT

Valid formats:

  • "yyyy/MM/dd HH:mm"

  • "yyyy-MM-dd HH:mm"

  • "yyyy/MM/dd"

  • "yyyy-MM-dd"

  • m, h, d, w (minutes, hours, days, weeks)

    • e.g. -59m, -8h, 3w 2d

Auto-complete

No

Supported operators

>, >=, <, <=

Unsupported operators

=, ~, !~, !=, IN, NOT IN, IS, IS NOT, WAS, WAS IN, WAS NOT, WAS NOT IN, CHANGED

Examples

vulnerability[introducedDate] >= -8h

  • Searches vulnerabilities that were introduced within the last 8 hours.

vulnerability[introducedDate] > "2023-12-01 00:00"

  • Searches vulnerabilities that were introduced after 12:00 a.m. on December 1, 2023.

vulnerability[introducedDate] >= "2023-12-01" and vulnerability[introducedDate] <= "2023-12-31"

  • Searches vulnerabilities that were introduced between December 1 and 31, 2023.


vulnerability[displayName]

Syntax

vulnerability[displayName]

Field Type

TEXT

Auto-complete

No

Supported operators

=, !=

Unsupported operators

~, !~, >, >=, <, <=, IN, NOT IN, IS, IS NOT, WAS, WAS IN, WAS NOT, WAS NOT IN, CHANGED

Examples

vulnerability[displayName] = "Improper Input Validation"

  • Searches vulnerabilities with “Improper Input Validation” in their display name.

vulnerability[displayName] != "Cross-site Scripting (XSS)"

  • Searches vulnerabilities without “Cross-site Scripting (XSS)” in their display name.


vulnerability[identifiers]

Syntax

vulnerability[identifiers]

Field Type

TEXT

Auto-complete

No

Supported operators

=, IN

Unsupported operators

~, !~, >, >=, <, <=, !=, NOT IN, IS, IS NOT, WAS, WAS IN, WAS NOT, WAS NOT IN, CHANGED

Examples

vulnerability[identifiers] = "SNYK-JS-IP-6240864"

  • Searches vulnerabilities with “SNYK-JS-IP-6240864” in their identifier.

vulnerability[identifiers] IN ("CWE-79", "CWE-80")

  • Searches vulnerabilities with “CWE-79” or “CWE-80” in their identifier.


vulnerability[additionalInfoContent]

Syntax

vulnerability[additionalInfoContent]

Field Type

TEXT

Auto-complete

No

Supported operators

=, !=

Unsupported operators

~, !~, >, >=, <, <=, IN, NOT IN, IS, IS NOT, WAS, WAS IN, WAS NOT, WAS NOT IN, CHANGED

Examples

vulnerability[additionalInfoContent] = "security-container-1"

  • Searches vulnerabilities with “security-container-1” in their additional information.

vulnerability[additionalInfoContent] != "security-container-2"

  • Searches vulnerabilities without “security-container-2” in their additional information.
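
The operator and value tables above can be encoded as a small linter that checks saved filters or dashboard queries before they are pasted into Jira. This is an added example, not Atlassian code: the function name lint_jql and the message wording are hypothetical, and it assumes property names are written exactly as listed on this page and that enumerated values are compared case-insensitively.

```python
import re

# Operator and value tables transcribed from the property reference on this page.
SET_OPS = {"=", "!=", "IN", "NOT IN"}
DATE_OPS = {">", ">=", "<", "<="}
RULES = {
    "status": (SET_OPS, {"OPEN", "IGNORED", "CLOSED", "UNKNOWN"}),
    "severity": (SET_OPS, {"CRITICAL", "HIGH", "MEDIUM", "LOW"}),
    "type": (SET_OPS, None),
    "provider": (SET_OPS, None),
    "totalCount": ({"=", ">", ">=", "<", "<="}, None),
    "lastUpdated": (DATE_OPS, None),
    "introducedDate": (DATE_OPS, None),
    "displayName": ({"=", "!="}, None),
    "identifiers": ({"=", "IN"}, None),
    "additionalInfoContent": ({"=", "!="}, None),
}
# One vulnerability[...] clause: property, operator, then a list, quoted string or bare token.
CLAUSE = re.compile(
    r"vulnerability\[(\w+)\]\s*"
    r"((?:WAS\s+)?(?:NOT\s+)?IN\b|IS(?:\s+NOT)?\b|WAS(?:\s+NOT)?\b|CHANGED\b|!=|!~|>=|<=|=|~|>|<)"
    r"\s*(\([^)]*\)|\"[^\"]*\"|'[^']*'|[^\s()]*)",
    re.IGNORECASE,
)
SMART_QUOTES = "\u2018\u2019\u201c\u201d"  # typographic quotes copied from rendered docs

def lint_jql(query):
    """Return a list of problems found in the vulnerability[...] clauses of a JQL string."""
    problems = []
    if any(ch in query for ch in SMART_QUOTES):
        problems.append("typographic quotes found; retype them as ' or \"")
    for prop, op, value in CLAUSE.findall(query):
        op = " ".join(op.upper().split())  # normalise "not  in" to "NOT IN"
        if prop not in RULES:
            problems.append(f"unknown property vulnerability[{prop}]")
            continue
        allowed_ops, allowed_values = RULES[prop]
        if op not in allowed_ops:
            problems.append(f"vulnerability[{prop}] does not support operator {op}")
        if allowed_values:  # only status and severity have an enumerated value list
            for token in re.findall(r"[A-Za-z_]+", value):
                if token.upper() not in allowed_values:
                    problems.append(f"vulnerability[{prop}] has no value {token}")
    return problems
```

Clauses that use an operator outside the lists on this page are not matched by the pattern and are skipped rather than reported.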

 
