Get CVEs by Package UUID

GET 
/code/api/v1/vulnerabilities/packages/:packageUuid/cves

Get cves by package uuid.

Request

Path Parameters

packageUuid stringrequired

Query Parameters

directOnly boolean

Responses

200

cves

application/json

Schema

Schema

data object[]required
Array [
causePackageId stringnullablerequired
cveId stringrequired
cvss doublenullablerequired
description stringnullablerequired
fixVersion stringrequired
link stringnullablerequired
packageName stringrequired
packageVersion stringrequired
publishedDate stringrequired
riskFactors objectrequired
object
anyOf
severity stringrequired
uuid stringrequired
vector stringnullablerequired
]
packageUuid stringrequired

Example (from schema)

{
  "data": [
    {
      "causePackageId": "string",
      "cveId": "string",
      "cvss": 0,
      "description": "string",
      "fixVersion": "string",
      "link": "string",
      "packageName": "string",
      "packageVersion": "string",
      "publishedDate": "string",
      "riskFactors": {},
      "severity": "string",
      "uuid": "string",
      "vector": "string"
    }
  ],
  "packageUuid": "string"
}

Example 1

{
  "data": [
    {
      "causePackageId": null,
      "cveId": "CVE-2017-16026",
      "cvss": 4,
      "description": "Request is an http client. If a request is made using ```multipart```, and the body type .....",
      "fixVersion": "",
      "link": "https://nvd.nist.gov/vuln/detail/CVE-2017-16026",
      "packageName": "request",
      "packageVersion": "2.36.0",
      "publishedDate": "2018-06-04T19:29:00.000Z",
      "riskFactors": {
        "DoS": false,
        "HasFix": false,
        "Severity": "Low"
      },
      "severity": "LOW",
      "uuid": "4714c309-f02e-4288-9e85-2e7f0356ad24",
      "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
    },
    {
      "causePackageId": "2126d52e-484b-45c3-9896-c4c9cddb2dd5",
      "cveId": "CVE-2014-7191",
      "cvss": 7,
      "description": "The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service (memory consumption) by using a large index value to create a sparse array.",
      "fixVersion": "",
      "link": "https://nvd.nist.gov/vuln/detail/CVE-2014-7191",
      "packageName": "request",
      "packageVersion": "2.36.0",
      "publishedDate": "2014-10-19T01:55:00.000Z",
      "riskFactors": {
        "Complexity": "low",
        "DoS": true,
        "HasFix": true,
        "Severity": "High",
        "Vector": "network"
      },
      "severity": "HIGH",
      "uuid": "d88564ba-bf2a-49cf-912c-b91bd0c4442c",
      "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"
    }
  ],
  "packageUuid": "a3d99fe0-98f3-41f6-8de4-4d9691786833"
}

422

Request arguments validation error

Loading...