Top CVSS Score Vulnerabilities

POST /code/api/v2/dashboard/top-cvss

Returns the list of vulnerabilities that have the highest CVSS scores. The results also include CVE details such as Risk Factors and Severity. You can set the repositories and severities parameters in the request body to filter the results.

Request

Body

required
    repositories Repository (string)[]

    The repositories filter enables you to retrieve issues related to one or more repositories. You must provide the UUIDs of the repositories that you want to include in the filter. To retrieve the UUID of a repository, use the List repository list endpoint (the id field of the response has the UUID of the repository).

    severities Severity (string)[]

    Possible values: [INFO, LOW, MEDIUM, HIGH, CRITICAL]

    The severity level of the vulnerability or misconfiguration.

    • Critical: Critical severity indicates a high-risk vulnerability or misconfiguration that could lead to significant security breaches or data leaks. These issues require immediate attention and remediation.
    • High: High severity indicates a significant security issue that has the potential to be exploited or result in significant damage if left unaddressed. These findings should be addressed as a priority.
    • Medium: Medium severity indicates issues that pose a potential security risk but are less severe than Critical and High. Remediation of these issues should be prioritized, but they may not require immediate attention.
    • Low: Low severity indicates issues that have a minimal impact on security or are relatively low-risk. While they may not pose an immediate threat, it is still recommended to address them to maintain a robust security posture.
    • Info: Info severity is used for informational findings or recommendations that do not pose an immediate security risk but provide helpful guidance, best practices, or suggestions for optimization. These findings can be considered as part of ongoing security hygiene efforts.
    size double

    The maximum number of results included in the response.

Responses

Top CVSS Vulnerabilities

Schema
    data object[] required
  • Array [
  • count string required

    Number of vulnerabilities found in the last scan.

    cveId string required

    The CVE ID of the vulnerability.

    cvss double required

    The Common Vulnerability Scoring System (CVSS) score of the vulnerability.

    riskFactors object required

    The following risk factors are combined to determine a vulnerability's risk.

    AttackComplexity string required

    Vulnerability is easily exploited.

    AttackVector string required

    Vulnerability is remotely exploitable. The vulnerable component is bound to the network, and the attacker’s path is through the network.

    DoS boolean required

    Component is vulnerable to denial of service attacks, such as buffer overflow attacks and ICMP floods. The risk is categorized as high or low based on impact.

    HasFix boolean required

    Fix is available from the vendor or package maintainer.

    RemoteExecution boolean

    Vulnerability can be exploited to run arbitrary code.

    Severity string required

    The severity level of the vulnerability or misconfiguration. Possible values are INFO, LOW, MEDIUM, HIGH, or CRITICAL.

    severity string required

    The severity level of the vulnerability or misconfiguration. Possible values are INFO, LOW, MEDIUM, HIGH, or CRITICAL.

  • ]
  • lastScanDate string required

    The time when the last scan was triggered.
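
Example (added here, not part of the vendor documentation): building the request body described above and ordering a response for remediation. The base URL and authentication headers are not given on this page and are supplied by the caller; the triage policy, the helper names and the sample response values are assumptions made for illustration.

```python
import json
from urllib.request import Request

ENDPOINT = "/code/api/v2/dashboard/top-cvss"
SEVERITIES = ("INFO", "LOW", "MEDIUM", "HIGH", "CRITICAL")

def build_request(base_url, headers, repositories, severities, size=10):
    """Build (but do not send) the POST request, rejecting undocumented severities."""
    bad = [s for s in severities if s not in SEVERITIES]
    if bad:
        raise ValueError(f"unknown severities: {bad}")
    body = {"repositories": list(repositories),
            "severities": list(severities), "size": size}
    return Request(base_url.rstrip("/") + ENDPOINT,
                   data=json.dumps(body).encode(),
                   headers={"Content-Type": "application/json", **headers},
                   method="POST")

def triage(response):
    """Assumed policy: fixable remote-code-execution findings first, then CVSS descending."""
    def key(item):
        rf = item["riskFactors"]
        # RemoteExecution is the one risk factor the schema does not mark required.
        actionable_rce = rf.get("RemoteExecution", False) and rf["HasFix"]
        return (not actionable_rce, -float(item["cvss"]))
    return [(i["cveId"], i["cvss"], i["severity"])
            for i in sorted(response["data"], key=key)]

def _finding(cve, cvss, sev, has_fix, rce=None):
    """Helper that shapes one constructed entry of the response's data array."""
    rf = {"AttackComplexity": "low", "AttackVector": "network", "DoS": False,
          "HasFix": has_fix, "Severity": sev}
    if rce is not None:
        rf["RemoteExecution"] = rce
    return {"count": "1", "cveId": cve, "cvss": cvss, "riskFactors": rf, "severity": sev}

# Constructed sample response: CVE IDs, field values and date are placeholders.
SAMPLE_RESPONSE = {"data": [
    _finding("CVE-0000-0001", 9.8, "CRITICAL", has_fix=False, rce=True),
    _finding("CVE-0000-0002", 7.5, "HIGH", has_fix=True),  # RemoteExecution omitted
    _finding("CVE-0000-0003", 8.1, "HIGH", has_fix=True, rce=True),
], "lastScanDate": "2024-01-01T00:00:00Z"}

if __name__ == "__main__":
    for row in triage(SAMPLE_RESPONSE):
        print(row)
```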
