API Documentation
...
Model Scanner
<POST> Supply chain update policy
1 min
the supply chain update policy api allows users to update security policies related to repository scans this enables customization of scan format suppression, file format suppression, vulnerability types, and tool strictness levels , genai framework detection , report generation , etc ensuring compliance with security requirements { "name" "update policy", "method" "post", "url" "https //api aws boschaishield com/prod/api/ais/v1 5/developer/update policy", "description" "this api requires a json request body containing the policy updates ", "tab" "examples", "examples" { "languages" \[ { "id" "frgapb2ad4 u5wqru ras", "language" "python", "code" "import requests\n\nurl = \\"https //api aws boschaishield com/prod/api/ais/v1 5/generate model id\\"\n\npayload = {}\nheaders = {\n 'x api key' 'string',\n 'org id' 'string'\n}\n\nresponse = requests request(\\"post\\", url, headers=headers, data=payload)\n\nprint(response text)\n", "customlabel" "" }, { "id" "hwvu0icwyys9t1z8wwabj", "language" "curl", "code" "curl location request post 'https //api aws boschaishield com/prod/api/ais/v1 5/generate model id' \\\\\n header 'x api key string' \\\\\n header 'org id string'", "customlabel" "" }, { "id" "cgj5 5ddtbzwdaujtn5a9", "language" "nodejs", "code" "var request = require('request');\nvar options = {\n 'method' 'post',\n 'url' 'https //api aws boschaishield com/prod/api/ais/v1 5/generate model id',\n 'headers' {\n 'x api key' 'string',\n 'org id' 'string'\n }\n};\nrequest(options, function (error, response) {\n if (error) throw new error(error);\n console log(response body);\n});\n", "customlabel" "" }, { "id" "zp0khmgw1w3fwteqb2fgn", "language" "javascript", "code" "var myheaders = new headers();\nmyheaders append(\\"x api key\\", \\"string\\");\nmyheaders append(\\"org id\\", \\"string\\");\n\nvar requestoptions = {\n method 'post',\n headers myheaders,\n redirect 'follow'\n};\n\nfetch(\\"https //api aws boschaishield com/prod/api/ais/v1 5/generate model id\\", requestoptions)\n then(response => response text())\n then(result => console log(result))\n catch(error => console log('error', error));", "customlabel" "" }, { "id" "vj8db tfeqazwm4gtamg", "language" "ruby", "code" "require \\"uri\\"\nrequire \\"net/http\"\n\nurl = uri(\\"https //api aws boschaishield com/prod/api/ais/v1 5/generate model id\\")\n\nhttps = net http new(url host, url port)\nhttps use ssl = true\n\nrequest = net http post new(url)\nrequest\[\\"x api key\\"] = \\"string\\"\nrequest\[\\"org id\\"] = \\"string\\"\n\nresponse = https request(request)\nputs response read body\n", "customlabel" "" } ], "selectedlanguageid" "frgapb2ad4 u5wqru ras" }, "results" { "languages" \[ { "id" "n1fpc35szxbcewxck2psw", "language" "200", "customlabel" "", "code" "//200 policy updated successfully" }, { "id" "horypjvdzsbrzlir1dshs", "language" "401", "code" "// 401 unauthorized returns an error message if the provided api key or org id is invalid or expired ", "customlabel" "" }, { "id" "idvosm2klznuhseonktcg", "language" "400", "customlabel" "", "code" "// 400 bad request error returns an error message if the application cannot or will not process the request due to something that is perceived to be a client error (for example, malformed request syntax, invalid request message framing, etc )" }, { "id" "fxgzoafylqrrate0xu1u7", "language" "412", "code" "// 412 precondition failed returns an error message if access to the target resource has been denied (for example if any of the parameter value is incorrect or license has expired)", "customlabel" "" } ], "selectedlanguageid" "n1fpc35szxbcewxck2psw" }, "request" { "pathparameters" \[], "queryparameters" \[], "headerparameters" \[ { "name" "x api key", "kind" "required", "type" "string", "description" "enter your api key", "" "required" }, { "name" "org id", "kind" "required", "type" "string", "description" "enter your organization id", "" "enter your organization id" } ], "bodydataparameters" \[ { "name" "file format suppression", "kind" "required", "type" "object", "description" "the file format suppression policy allows users to suppress scanning for specific file extensions if suppressed is set to true, the specified file types will skipped during the supply chain security analysis ", "" "required", "children" \[ { "name" " bin", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " ckpt", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " gguf", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " h5", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " keras", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " onnx", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " pb", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " pkl", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " pt", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " pth", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " safetensors", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " zip", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] } ], "schema" \[ { "name" " bin", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " ckpt", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " gguf", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " h5", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " keras", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " onnx", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " pb", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " pkl", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " pt", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " pth", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " safetensors", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] }, { "name" " zip", "kind" "required", "type" "object", "description" "file extension of the file", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active, and the file will be skipped during scanning if set to false, the policy is inactive, and the file will be considered for analysis " } ] } ] }, { "name" "genai framework detection", "kind" "required", "type" "object", "description" "enables automatic identification of generative ai related libraries (e g , transformers, openai, langchain) during source or dependency scanning ", "" "required", "children" \[ { "name" "enabled", "kind" "required", "type" "boolean", "description" "if enabledis set to true, the policy is active, and the genai framework will be detected during scanning if set to false, it will not be detected as genai framework " } ], "schema" \[ { "name" "enabled", "kind" "required", "type" "boolean", "description" "if enabledis set to true, the policy is active, and the genai framework will be detected during scanning if set to false, it will not be detected as genai framework " } ] }, { "name" "report generation", "kind" "required", "type" "object", "description" "controls whether a report is generated during the scan process ", "" "required", "children" \[ { "name" "pdf", "kind" "required", "type" "boolean", "description" "if pdf=true, a pdf report will be generated after the scan; if pdf=false, no pdf report will be created " } ], "schema" \[ { "name" "pdf", "kind" "required", "type" "boolean", "description" "if pdf=true, a pdf report will be generated after the scan; if pdf=false, no pdf report will be created " } ] }, { "name" "scan format suppression", "kind" "required", "type" "object", "description" "allows selective suppression of specific scan formats like sast (static application security testing) or sbom/sca (software bill of materials/software composition analysis) ", "" "allows selective suppression of specific scan formats like sast (static application security testing) or sbom/sca (software bill of materials/software composition analysis) ", "children" \[ { "name" "sast", "kind" "required", "type" "object", "description" "static application security testing", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active if set to false, the policy is inactive " } ] }, { "name" "sbom/sca", "kind" "required", "type" "object", "description" "software bill of materials/software composition analysis", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active if set to false, the policy is inactive " } ] } ], "schema" \[ { "name" "sast", "kind" "required", "type" "object", "description" "static application security testing", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active if set to false, the policy is inactive " } ] }, { "name" "sbom/sca", "kind" "required", "type" "object", "description" "software bill of materials/software composition analysis", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "if suppressed is set to true, the policy is active if set to false, the policy is inactive " } ] } ] }, { "name" "vulnerability type", "kind" "required", "type" "object", "description" "this section defines a configurable list of ai/ml model related vulnerabilities, where each vulnerability can be suppressed or actively scanned based on the configuration ", "" "required", "children" \[ { "name" "ais bm s 01", "kind" "required", "type" "object", "description" "the ai bom indicates presence of packages with cves or other reported vulnerabilities ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais cp d 01", "kind" "required", "type" "object", "description" "a vulnerability in the deserialization of checkpoint files, which could lead to unintended code execution or model manipulation ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais gu r 01", "kind" "required", "type" "object", "description" "a runtime threat in gguf files caused by malicious or improperly formatted data ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais gu r 02", "kind" "required", "type" "object", "description" "a vulnerability in the gguf format with invalid or unreadable template this is an indication of a potential file tampering ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais kr b 01", "kind" "required", "type" "object", "description" "a vulnerability in the keras model files indicating presence of potential backdoor / unsafe operations ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais kr b 02", "kind" "required", "type" "object", "description" "non standard keras layers are found in the model potential backdoor ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais kr d 01", "kind" "required", "type" "object", "description" "a vulnerability in deserializing keras model files, which might expose systems to malicious code ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais mi d 01", "kind" "required", "type" "object", "description" "a vulnerability in zip files that can introduce trojans or corrupted data into the system ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais on b 01", "kind" "required", "type" "object", "description" "a backdoor vulnerability within onnx model files, potentially allowing hidden operations to be triggered ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais on r 01", "kind" "required", "type" "object", "description" "a runtime vulnerability caused by corrupted or manipulated onnx files, leading to unexpected behavior ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais pk d 01", "kind" "required", "type" "object", "description" "a vulnerability in the deserialization of pickle files, which could lead to arbitrary code execution if files are manipulated ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais pt d 01", "kind" "required", "type" "object", "description" "a vulnerability in the pickle serialization of pytorch models that could lead to code execution when loading malicious files ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais pt d 02", "kind" "required", "type" "object", "description" "a serialization vulnerability in pytorch models, which may enable code execution or file manipulation ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais py s 01", "kind" "required", "type" "object", "description" "python scripts contain compromised components, libraries, and user secrets ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais st d 01", "kind" "required", "type" "object", "description" "a vulnerability in safetensors files caused by improper file formatting, potentially leading to security breaches ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais st d 02", "kind" "required", "type" "object", "description" "a vulnerability in safetensors file shards that allows malicious actors to exploit path traversal issues ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais tf b 01", "kind" "required", "type" "object", "description" "a backdoor in tensorflow protocol buffers files, potentially allowing malicious actors to execute arbitrary commands ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais tf b 02", "kind" "required", "type" "object", "description" "a backdoor vulnerability in tensorflow or keras h5 files, introduced via malicious layers in the model ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais tf b 03", "kind" "required", "type" "object", "description" "non standards tensorflow/keras layer was found potential backdoor ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais tf d 01", "kind" "required", "type" "object", "description" "a vulnerability in the deserialization of protocol buffers files, which could lead to code execution or data manipulation ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais tf d 02", "kind" "required", "type" "object", "description" "a vulnerability in the deserialization of tensorflow or keras h5 files, which may lead to malicious code execution or corruption ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais tf r 01", "kind" "required", "type" "object", "description" "a vulnerability in the tensorflow/keras file format where an invalid magic number is detected in the file ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] } ], "schema" \[ { "name" "ais bm s 01", "kind" "required", "type" "object", "description" "the ai bom indicates presence of packages with cves or other reported vulnerabilities ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais cp d 01", "kind" "required", "type" "object", "description" "a vulnerability in the deserialization of checkpoint files, which could lead to unintended code execution or model manipulation ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais gu r 01", "kind" "required", "type" "object", "description" "a runtime threat in gguf files caused by malicious or improperly formatted data ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais gu r 02", "kind" "required", "type" "object", "description" "a vulnerability in the gguf format with invalid or unreadable template this is an indication of a potential file tampering ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais kr b 01", "kind" "required", "type" "object", "description" "a vulnerability in the keras model files indicating presence of potential backdoor / unsafe operations ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais kr b 02", "kind" "required", "type" "object", "description" "non standard keras layers are found in the model potential backdoor ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais kr d 01", "kind" "required", "type" "object", "description" "a vulnerability in deserializing keras model files, which might expose systems to malicious code ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais mi d 01", "kind" "required", "type" "object", "description" "a vulnerability in zip files that can introduce trojans or corrupted data into the system ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais on b 01", "kind" "required", "type" "object", "description" "a backdoor vulnerability within onnx model files, potentially allowing hidden operations to be triggered ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais on r 01", "kind" "required", "type" "object", "description" "a runtime vulnerability caused by corrupted or manipulated onnx files, leading to unexpected behavior ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais pk d 01", "kind" "required", "type" "object", "description" "a vulnerability in the deserialization of pickle files, which could lead to arbitrary code execution if files are manipulated ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais pt d 01", "kind" "required", "type" "object", "description" "a vulnerability in the pickle serialization of pytorch models that could lead to code execution when loading malicious files ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais pt d 02", "kind" "required", "type" "object", "description" "a serialization vulnerability in pytorch models, which may enable code execution or file manipulation ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais py s 01", "kind" "required", "type" "object", "description" "python scripts contain compromised components, libraries, and user secrets ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais st d 01", "kind" "required", "type" "object", "description" "a vulnerability in safetensors files caused by improper file formatting, potentially leading to security breaches ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais st d 02", "kind" "required", "type" "object", "description" "a vulnerability in safetensors file shards that allows malicious actors to exploit path traversal issues ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais tf b 01", "kind" "required", "type" "object", "description" "a backdoor in tensorflow protocol buffers files, potentially allowing malicious actors to execute arbitrary commands ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais tf b 02", "kind" "required", "type" "object", "description" "a backdoor vulnerability in tensorflow or keras h5 files, introduced via malicious layers in the model ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais tf b 03", "kind" "required", "type" "object", "description" "non standards tensorflow/keras layer was found potential backdoor ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais tf d 01", "kind" "required", "type" "object", "description" "a vulnerability in the deserialization of protocol buffers files, which could lead to code execution or data manipulation ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais tf d 02", "kind" "required", "type" "object", "description" "a vulnerability in the deserialization of tensorflow or keras h5 files, which may lead to malicious code execution or corruption ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] }, { "name" "ais tf r 01", "kind" "required", "type" "object", "description" "a vulnerability in the tensorflow/keras file format where an invalid magic number is detected in the file ", "children" \[ { "name" "suppressed", "kind" "required", "type" "boolean", "description" "set to true to disable this vulnerability check, or false to enable it " }, { "name" "custom severity", "kind" "optional", "type" "string", "description" "allows you to define a custom severity level for the vulnerability id if not provided, the system will automatically apply the default severity based on internal rules " }, { "name" "customized by user", "kind" "optional", "type" "boolean", "description" "indicates whether the severity has been customized by the user if true, the severity value was manually defined by the user if false, the system assigned default severity is used this is system generated " }, { "name" "customized severity allowed", "kind" "optional", "type" "boolean", "description" "indicates whether custom severity mapping is allowed if set to true, users can define their own severity levels using the custom severity field if false, only the system defined default severity will be used this is system generated " } ] } ] }, { "name" "tool strictness", "kind" "optional", "type" "object", "description" "the tool strictness parameter defines the security level applied to different file types during analysis it specifies how strictly the tool should assess and flag potential security risks based on the file format ", "" "the tool strictness parameter defines the security level applied to different file types during analysis it specifies how strictly the tool should assess and flag potential security risks based on the file format ", "children" \[ { "name" " pkl", "kind" "optional", "type" "object", "description" "specifies the security strictness level for pickle ( pkl) files", "children" \[ { "name" "level", "kind" "optional", "type" "string", "description" "specifies the strictness level for pkl files options are 'low', 'medium' and 'high'" } ] } ], "schema" \[ { "name" " pkl", "kind" "optional", "type" "object", "description" "specifies the security strictness level for pickle ( pkl) files", "children" \[ { "name" "level", "kind" "optional", "type" "string", "description" "specifies the strictness level for pkl files options are 'low', 'medium' and 'high'" } ] } ] } ], "formdataparameters" \[] }, "currentnewparameter" { "label" "body parameter", "value" "bodydataparameters" }, "hastryitout" true }