API Resources

GET
/v3/cpe

Request vulnerabilities related to a CPE

Based on the specified CPE (Common Platform Enumeration) URI string, this endpoint will return a list of vulnerabilities that are related to the package. We support v2.2 and v2.3

Path Parameters

cpe

string required

CPE scheme using either the v2.2 or v2.3 format

isVulnerable

boolean

Returns only CVEs associated with a CPE where the CPE is considered vulnerable.
By default the API will return all CVEs in which the CPE is mentioned, whether the CPE is the source of the vulnerability or not. For example, cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:* is listed in many CVEs as part of a vulnerable configuration, but only one where the the device itself is inherently vulnerable.
isVulnerable=true - Return only the CVEs where the CPE is vulnerable.

Example Requests

curl --request GET \
    --url https://api.vulncheck.com/v3/cpe?cpe=cpe:/a:microsoft:internet_explorer:8.0.6001:beta \
    --header 'Accept: application/json' \
    --header 'Authorization: Bearer insert_token_here'

package main

import (
    "context"
    "encoding/json"
    "fmt"
    "log"
    "os"

    "github.com/vulncheck-oss/sdk-go-v2/vulncheck"
)

func main() {
    configuration := vulncheck.NewConfiguration()
    configuration.Scheme = "https"
    configuration.Host = "api.vulncheck.com"

    client := vulncheck.NewAPIClient(configuration)

    token := os.Getenv("VULNCHECK_API_TOKEN")
    auth := context.WithValue(
        context.Background(),
        vulncheck.ContextAPIKeys,
        map[string]vulncheck.APIKey{
            "Bearer": {Key: token},
        },
    )
    resp, httpRes, err := client.EndpointsAPI.CpeGet(auth).Cpe("cpe:/a:microsoft:internet_explorer:8.0.6001:beta").Execute()

    if err != nil || httpRes.StatusCode != 200 {
        log.Fatal(err)
    }

    prettyJSON, err := json.MarshalIndent(resp.Data, "", "  ")
    if err != nil {
        log.Fatalf("Failed to generate JSON: %v", err)
        return
    }

    fmt.Println(string(prettyJSON))
}

import vulncheck_sdk

configuration = vulncheck_sdk.Configuration(host="https://api.vulncheck.com/v3")
configuration.api_key["Bearer"] = "insert_token_here"

with vulncheck_sdk.ApiClient(configuration) as api_client:
    endpoints_client = vulncheck_sdk.EndpointsApi(api_client)

    api_response = endpoints_client.cpe_get("cpe:/a:microsoft:internet_explorer:8.0.6001:beta")

    print(api_response.data)

vulncheck cpe cpe:/a:microsoft:internet_explorer:8.0.6001:beta

Response

{
  "_benchmark": 0.09967,
  "_meta": {
    "cpe": "cpe:/a:microsoft:internet_explorer:8.0.6001:beta",
    "cpe_struct": {
      "part": "a",
      "vendor": "microsoft",
      "product": "internet_explorer",
      "version": "8\\.0\\.6001",
      "update": "beta",
      "edition": "*",
      "language": "*",
      "sw_edition": "*",
      "target_sw": "*",
      "target_hw": "*",
      "other": "*"
    },
    "timestamp": "2023-09-11T15:03:41.041475537Z",
    "total_documents": 15
  },
  "data": [
    "CVE-2008-4127",
    "CVE-2010-0246",
    "CVE-2010-0248",
    "CVE-2010-0494",
    "CVE-2002-2435",
    "CVE-2012-1545",
    "CVE-2010-0027",
    "CVE-2010-5071",
    "CVE-2010-0492",
    "CVE-2010-1117",
    "CVE-2010-0245",
    "CVE-2010-0490",
    "CVE-2009-2433",
    "CVE-2011-2383",
    "CVE-2010-0244"
  ]
}

/v3/purl

/v3/rules/initial-access/{rules}

GET/v3/cpe

Path Parameters

Example Requests

Response

GET
/v3/cpe