Skip to content

Vendors API

GET /vendors

List the vendors.

Parameters:

  • page (optional, default: 1): the page to start

Example request:

GET /api/vendors HTTP/1.1
Host: app.opencve.io
Accept: application/json

Example response:

HTTP/1.1 200 OK
{
  "count": 35039,
  "next": "https://app.opencve.io/api/vendors?page=2",
  "previous": null,
  "results": [
    {
      "id": "8ea36c19-7f26-4ec6-b434-e8d307b7b67c",
      "created_at": "2024-09-06T08:15:43.712229Z",
      "updated_at": "2024-09-06T08:15:43.712229Z",
      "name": "wordpress"
    },
    [...]
  ]
}

GET /vendors/<name>

Get the details of a specific vendor.

Example request:

GET /api/vendors/wordpress HTTP/1.1
Host: app.opencve.io
Accept: application/json

Example response:

HTTP/1.1 200 OK
{
  "id": "8ea36c19-7f26-4ec6-b434-e8d307b7b67c",
  "created_at": "2024-09-06T08:15:43.712229Z",
  "updated_at": "2024-09-06T08:15:43.712229Z",
  "name": "wordpress"
}

GET /vendors/<name>/cve

List the CVEs associated to a vendor.

Parameters:

  • page (optional, default: 1): the page to start

Example request:

GET /api/vendors/wordpress/cve HTTP/1.1
Host: app.opencve.io
Accept: application/json

Example response:

HTTP/1.1 200 OK
{
  "count": 639,
  "next": "https://app.opencve.io/api/vendors/wordpress/cve?page=2",
  "previous": null,
  "results": [
    {
      "created_at": "2024-10-16T06:43:41.734000Z",
      "updated_at": "2024-10-30T15:58:30.907000Z",
      "cve_id": "CVE-2022-4973",
      "description": "WordPress Core, in versions up to 6.0.2, is vulnerable to Authenticated Stored Cross-Site Scripting that can be exploited by users with access to the WordPress post and page editor, typically consisting of Authors, Contributors, and Editors making it possible to inject arbitrary web scripts into posts and pages that execute if the the_meta(); function is called on that page."
    },
    ...
  ]
}