| Info |
|---|
Please file issues using VINCE or GitHub. |
Authentication
The Vulnerability Note The kb.cert.org API is different from the VINCE API. This is an API for all of our public vul notes. No authentication needed.
The following API requests are for a specific VU#
The Vulnerability Note API does not require authentication, Vulnerability Notes are public.
Code Examples
Get Vulnerability Note content
#
# get content for VU#257161
#
|
# get vulnote for VU#257161 https:
{
"vuid": "VU#257161",
"idnumber": "257161",
"name": "Treck IP stacks contain multiple vulnerabilities",
"keywords": null, ....
|
vuls vulnerabilities for VU#257161
|
{
"note": "257161",
"cve": "2020-11907",
"description": "Improper Handling of Length Parameter Inconsistency (CWE-130) in TCP component. A remote attacker can send a malformed TCP packet that can cause trigger an integer underflow event leading to unexpected behavior of a crash or segmentation fault on the target device.",
"uid": "CVE-2020-11907",
"case_increment": 12,
"date_added": "2020-06-16T17:13:46.826755Z",
"dateupdated": "2021-02-25T18:15:04.627659Z"
}, ....
|
#get vendors # get vendors (including status and statements) for VU#257161
#
|
this gets general statement for a vendor
#
# get vendor/vul status for VU#257161
# this will list the vendor status for each vulnerability identified
#
https:
|
{
"vul": "CVE-2020-11907",
"vendor": "QNAP",
"status": "Not Affected",
"date_added": "2020-10-08T14:58:54.963610Z",
"dateupdated": "2021-02-25T18:15:11.244358Z",
"references": null,
"statement": null
}, ...
|
#search # search by CVE
#
https:
{
"vulnerability": {
"note": "257161",
"cve": "2020-11907",
"description": "Improper Handling of Length Parameter Inconsistency (CWE-130) in TCP component. A remote attacker can send a malformed TCP packet that can cause trigger an integer underflow event leading to unexpected behavior of a crash or segmentation fault on the target device.",
"uid": "CVE-2020-11907",
"case_increment": 12,
"date_added": "2020-06-16T17:13:46.826755Z",
"dateupdated": "2021-02-25T18:15:04.627659Z"
},
"note": {
"vuid": "VU#257161",
...
},
"vendors":[
{
"vul": "CVE-2020-11907",
"vendor": "QNAP",
"status": "Not Affected",
"date_added": "2020-10-08T14:58:54.963610Z",
"dateupdated": "2021-02-25T18:15:11.244358Z",
"references": null,
"statement": null
},
....
]
}
|
The following requests are for summarizing vuls/notes over a year:
Get summary Vulnerability Notes for time period
#get VU#s for Vulnerability Notes published in 2020:
|
https:
{
"count": 40,
"notes": [
"VU#498544",
"VU#491944",
"VU#335217",
"VU#962085",
...
]
}
# get a summary for
|
Dec. December 2020: https:
{
"count": 3,
"notes": [
"VU#815128",
"VU#429301",
"VU#843464"
]
}
|
for Dec 2020: all vulnotes Vulnerability Notes published in December 2020
#
|
all vendors for Nov 2010:vendors listed in Vulnerability Notes published in November 2010
#
https:
|
#get for Nov 2010: published in November 2010
#
https:
|
/ #get all vendors affected in 2020:https://kb.cert.org/vuls/api/vendors/2020/summary