Automation smart values - security

Smart values let you access data in Automation. Check out how we use smart values in our Jira automation template library.

To return data from these smart values, you need a security tool connected to your project. Learn more about integrating security tools

Smart values

{{vulnerability.displayName}}

Returns the display name of the vulnerability.

1 2 3 4 5 {{vulnerability.displayName}} //returns SQL injection

{{vulnerability.description}}

Returns the vulnerability description in plain text as sent from the security tool in markdown format. Description modifiers can convert the description to other formats.

1 2 3 4 5 {{vulnerability.description}} //returns # Vulnerability \n **Severity: Critical** \n [Open in security tool](https://example.com)

{{vulnerability.type}}

Returns the type of vulnerability, for example DAST, SAST or SCA.

1 2 3 4 5 {{vulnerability.type}} //returns sca

{{vulnerability.introducedDate}}

Returns a timestamp showing the date and time the vulnerability was introduced.

1 2 3 4 5 {{vulnerability.introducedDate}} //returns 2023-04-28T02:58:26.7+0000

{{vulnerability.lastUpdatedDate}}

Returns a timestamp showing the date and time the vulnerability was last updated.

1 2 3 4 5 {{vulnerability.lastUpdatedDate}} //returns 2023-05-03T15:47:23.5+0000

{{vulnerability.severity}}

Returns the vulnerability severity in plain text as sent from the security tool. Will return either critical, high, medium, low, or unknown.

1 2 3 4 5 {{vulnerability.severity}} //returns critical

{{vulnerability.identifiers}}

Returns a list of CVE identifiers for the vulnerability.

1 2 3 4 5 {{vulnerability.identifiers}} //returns CVE-2023-25813, CWE-89

{{vulnerability.additionalInfoContent}}

Returns additional information content.

1 2 3 4 5 {{vulnerability.additionalInfoContent}} //returns package.json

{{vulnerability.additionalInfoURL}}

Returns a URL for additional information.

1 2 3 4 5 {{vulnerability.additionalInfoURL}} //returns exampleadditionalinfo.com

{{vulnerability.status}}

Returns the status of the vulnerability. Will return either open, closed, ignored or unknown.

1 2 3 4 5 {{vulnerability.status}} //returns open

{{vulnerability.url}}

Returns a specific URL for the vulnerability on the security tool provider’s site.

1 2 3 4 5 {{vulnerability.url}} //returns examplelinktovuln.com

Description modifiers

The description from security tool providers is sent in markdown format. The create issue action only accepts plain text or wiki text, and the send email action requires HTML, so modifiers are used to convert the markdown text to these formats.

{{vulnerability.description.text}}

Returns the vulnerability description in plain text as sent by the security tool provider in markdown format.

1 2 3 4 5 {{vulnerability.description.text}} //returns # Vulnerability \n **Severity: Critical** \n [Open in security tool](https://example.com)

{{vulnerability.description.wiki}}

Returns the vulnerability description as wiki text. Can be used with the create issue action to enter the vulnerability description in the issue’s description field.

1 2 3 4 5 {{vulnerability.description.wiki}} //returns h1. Vulnerability\n\n*Severity: Critical*\n[Open in security tool|https://example.com]

{{vulnerability.description.html}}

Returns the vulnerability description as HTML. Can be used in email templates if creating an automation with the send email action.

1 2 3 4 5 {{vulnerability.description.html}} //returns <h1>Vulnerability</h1>\n<p><strong>Severity: Critical</strong><br />\n<a href=\"https://example.com\">Open in security tool</a></p>\n

 

Still need help?

The Atlassian Community is here for you.