API Resources

POST
/v3/purls

Request vulnerabilities related to a list of PURLs

Based on the specified PURLs, this endpoint will return a list PURLs with related vulnerabilities.

You can find a list of supported package managers here

Request Body

purls

list required

Package URL Schemes

Example Requests

curl --request POST \
  --url https://api.vulncheck.com/v3/purls \
  --header 'Authorization: Bearer insert_token_here' \
  --data '[
  "pkg:hex/coherence@0.1.2",
  "pkg:conan/assimp@5.1.0",
  "pkg:conan/crossguid@0.2.2",
]'

package main

import (
 "context"
 "encoding/json"
 "fmt"
 "log"
 "os"

 vulncheck "github.com/vulncheck-oss/sdk-go-v2/v2"
)

func main() {
 configuration := vulncheck.NewConfiguration()
 configuration.Scheme = "https"
 configuration.Host = "api.vulncheck.com"

 client := vulncheck.NewAPIClient(configuration)

 token := os.Getenv("VULNCHECK_API_TOKEN")
 auth := context.WithValue(
  context.Background(),
  vulncheck.ContextAPIKeys,
  map[string]vulncheck.APIKey{
   "Bearer": {Key: token},
  },
 )
 purls := []string{"pkg:hex/coherence@0.1.2", "pkg:conan/assimp@5.1.0", "pkg:conan/crossguid@0.2.2"}

 resp, httpRes, err := client.EndpointsAPI.PurlsPost(auth).Purls("pkg:hex/coherence@0.1.2").Execute()

 if err != nil || httpRes.StatusCode != 200 {
  log.Fatal(err)
 }

 prettyJSON, err := json.MarshalIndent(resp.Data, "", "  ")
 if err != nil {
  log.Fatalf("Failed to generate JSON: %v", err)
  return
 }

 fmt.Println(string(prettyJSON))
}

import vulncheck_sdk

configuration = vulncheck_sdk.Configuration(host="https://api.vulncheck.com/v3")
configuration.api_key["Bearer"] = "insert_token_here"

purls = [
    "pkg:hex/coherence@0.1.2",
    "pkg:conan/assimp@5.1.0",
    "pkg:conan/crossguid@0.2.2",
]

with vulncheck_sdk.ApiClient(configuration) as api_client:
    endpoints_api = vulncheck_sdk.EndpointsApi(api_client)
    api_response = endpoints_api.purls_post(purls=purls)

    if api_response.data is not None:
        for purl_result in api_response.data:
            print(purl_result.purl)
            print(purl_result.cves)

Response

{
  "_benchmark": 0.173334,
  "_meta": {
    "timestamp": "2025-12-12T21:22:37.41976683Z",
    "total_documents": 1
  },
  "data": [
    {
      "purl": "pkg:hex/coherence@0.1.2",
      "purl_struct": {
        "type": "hex",
        "namespace": "",
        "name": "coherence",
        "version": "0.1.2",
        "qualifiers": null,
        "subpath": ""
      },
      "cves": [
        "CVE-2018-20301"
      ],
      "vulnerabilities": [
        {
          "detection": "CVE-2018-20301",
          "fixed_version": "0.5.2"
        }
      ]
    }
  ]
}

/v3/purl

/v3/cpe

POST/v3/purls

Request Body

Example Requests

Response

POST
/v3/purls