Skip to content

API Documentation

Your own tools can interact with OpenCVE using its REST API. You can list the last CVEs per project, filter them by vendor or CVSS.

The API of the OpenCVE Cloud instance is available on https://app.opencve.io/api.

Warning

The OpenCVE API is still in Beta, some changes may appear until the stable version.

Authentication

We only support basic authentication for now, but we plan to add other ones like token based authentication.

To use the Basic Authentication with the OpenCVE API, simply pass your credentials in the Authorization header.

Most clients do it for you, for example using curl :

curl -u username:password https://app.opencve.io/api/cve

You can omit your password, curl will interactively ask you.

Pagination

Some endpoints can return lots of results (list the CVEs for instance). In these cases the request must be paginated with the ?page parameter.

Example with the list of CVEs:

$ curl -u username:password https://app.opencve.io/api/cve?page=10
{
  "count": 262939,
  "next": "https://app.opencve.io/api/cve?page=11",
  "previous": "https://app.opencve.io/api/cve?page=9",
  "results": [
    ...
  ]
}

The next and previous keys help you to navigate in the API.

When no result is found (the page parameter is too high), a 404 HTTP status code is returned.

The default number of returned items per page in 10. You can change it in your settings.py file:

# web/opencve/conf/settings.py
...
REST_FRAMEWORK["PAGE_SIZE"] = 10
...