Info |
---|
Please file issues using VINCE or GitHub. |
Authentication
The Vulnerability Note The kb.cert.org API is different from the VINCE API. This is an API for all of our public vul notes. No authentication needed.
The following API requests are for a specific VU#
...
The Vulnerability Note API does not require authentication, Vulnerability Notes are public.
Code Examples
Get Vulnerability Note content
Code Block |
---|
|
#
# get content for VU#257161
#
https://kb.cert.org/vuls/api/257161/ |
...
...
...
...
"name": "Treck IP stacks contain multiple vulnerabilities", |
...
...
#
# get vulnerabilities for VU#257161
#
https://kb.cert.org/vuls/api/257161/vuls/ |
...
...
...
...
"description": "Improper Handling of Length Parameter Inconsistency (CWE-130) in TCP component. |
...
A remote attacker can send a malformed TCP packet that can cause trigger an integer underflow event leading to unexpected behavior of a crash or segmentation fault on the target device.", |
...
...
...
"date_added": "2020-06-16T17:13:46.826755Z", |
...
"dateupdated": "2021-02-25T18:15:04.627659Z" |
...
...
#
# get vendors (including status and statements) for VU#257161
#
https://kb.cert.org/vuls/api/257161/vendors/ |
...
...
...
"contact_date": "2020-05-07T17:38:23Z", |
...
...
...
...
"dateupdated": "2021-02-25T18:15:20.742422Z", |
...
...
"addendum": "Sonicwall has mentioned that Treck stack is not in use in their SonicOS\r\ |
...
nhttps://community.sonicwall.com/technology-and-support/discussion/931/about-ripple20" |
...
...
#
# get vendor/vul status |
...
for VU#257161
# this will list the vendor status for each vulnerability identified
#
https://kb.cert.org/vuls/api/257161/vendors/vuls/ |
...
...
...
...
"status": "Not Affected", |
...
"date_added": "2020-10-08T14:58:54.963610Z", |
...
"dateupdated": "2021-02-25T18:15:11.244358Z", |
...
...
...
...
#
# search by CVE ID
#
https://kb.cert.org/vuls/api/vuls/cve/2020-11907/ |
...
...
...
...
...
"description": "Improper Handling of Length Parameter Inconsistency (CWE-130) in TCP component. |
...
A remote attacker can send a malformed TCP packet that can cause trigger an integer underflow event leading to unexpected behavior of a crash or segmentation fault on the target device.", |
...
...
...
"date_added": "2020-06-16T17:13:46.826755Z", |
...
"dateupdated": "2021-02-25T18:15:04.627659Z" |
...
...
...
...
...
...
...
{
"vul": "CVE-2020-11907", |
...
...
"status": "Not Affected", |
...
"date_added": "2020-10-08T14:58:54.963610Z", |
...
"dateupdated": "2021-02-25T18:15:11.244358Z", |
...
...
...
...
...
Get summary Vulnerability Notes for time period
Code Block |
---|
|
#
# get summary of Vulnerability Notes published in 2020
#
|
The following requests are for summarizing vuls/notes over a year:
...
https://kb.cert.org/vuls/api/ |
...
...
...
...
...
...
...
...
...
...
...
}
#
# get summary for December 2020
#
https://kb.cert.org/vuls/api/2020/12/summary/ |
...
...
...
...
...
...
...
...
}
#
# get Vulnerability Notes published in December 2020
#
https://kb.cert.org/vuls/api/2020/12/ |
...
#
# get vendors listed in Vulnerability Notes published in November 2010
#
https://kb.cert.org/vuls/api/vendors/2010/11/summary/ |
...
#
# get all vendor records published in November 2010
#
https://kb.cert.org/vuls/api/vendors/2010/11 |
...