API Documentation
Your own tools can interact with OpenCVE using its REST API. You can list the last CVEs per project, filter them by vendor or CVSS.
The API of the OpenCVE Cloud instance is available on https://app.opencve.io/api.
Warning
The OpenCVE API is still in Beta, some changes may appear until the stable version.
Authentication
We only support basic authentication for now, but we plan to add other ones like token based authentication.
To use the Basic Authentication with the OpenCVE API, simply pass your credentials in the Authorization
header.
Most clients do it for you, for example using curl
:
curl -u username:password https://app.opencve.io/api/cve
You can omit your password, curl will interactively ask you.
Pagination
Some endpoints can return lots of results (list the CVEs for instance). In these cases the request must be paginated with the ?page
parameter.
Example with the list of CVEs:
$ curl -u username:password https://app.opencve.io/api/cve?page=10
{
"count": 262939,
"next": "https://app.opencve.io/api/cve?page=11",
"previous": "https://app.opencve.io/api/cve?page=9",
"results": [
...
]
}
The next
and previous
keys help you to navigate in the API.
When no result is found (the page parameter is too high), a 404
HTTP status code is returned.
The default number of returned items per page in 10
. You can change it in your settings.py
file:
# web/opencve/conf/settings.py
...
REST_FRAMEWORK["PAGE_SIZE"] = 10
...