Skip to content

CVEs API

GET /cve

List the CVEs.

Parameters:

  • search (optional): filter by keyword in summary
  • vendor (optional): filter by vendor name
  • product (optional): filter by product name (implies vendor parameter)
  • cvss (optional): filter by CVSS (one of none, low, medium, high, critical)
  • cwe (optional): filter by CWE
  • page (optional, default: 1): the page to start

Example request:

GET /api/cve HTTP/1.1
Host: example.com
Accept: application/json

Example response:

HTTP/1.1 200 OK
[
  ...
  {
    "id": "CVE-2021-1411",
    "summary": "Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.",
    "created_at": "2021-03-24T21:15:00Z",
    "updated_at": "2021-03-29T17:32:00Z"
  },
  ...
]

GET /cve/<string:id>

Get the details of a specific CVE.

Example request:

GET /api/cve/CVE-2021-1411 HTTP/1.1
Host: example.com
Accept: application/json

Example response:

HTTP/1.1 200 OK
{
  "id": "CVE-2021-1411",
  "summary": "Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.",
  "created_at": "2021-03-24T21:15:00Z",
  "updated_at": "2021-03-29T17:32:00Z",
  "cvss": {
    "v2": 9.0,
    "v3": 9.9
  },
  "vendors": {
    "cisco": [
      "jabber"
    ]
  },
  "cwes": [
    "CWE-170"
  ],
  "raw_nvd_data": {
    "cve": {
      "data_type": "CVE",
      "references": {
        "reference_data": [{
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-jabber-PWrTATTC",
          "name": "20210324 Cisco Jabber Desktop and Mobile Client Software Vulnerabilities",
          "tags": [
            "Vendor Advisory"
          ],
          "refsource": "CISCO"
        }]
      },
      "data_format": "MITRE",
      "description": {
        "description_data": [{
          "lang": "en",
          "value": "Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
        }]
      },
      "problemtype": {
        "problemtype_data": [{
          "description": [{
            "lang": "en",
            "value": "CWE-170"
          }]
        }]
      },
      "data_version": "4.0",
      "CVE_data_meta": {
        "ID": "CVE-2021-1411",
        "ASSIGNER": "cve@mitre.org"
      }
    },
    "impact": {
      "baseMetricV2": {
        "cvssV2": {
          "version": "2.0",
          "baseScore": 9.0,
          "accessVector": "NETWORK",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "authentication": "SINGLE",
          "integrityImpact": "COMPLETE",
          "accessComplexity": "LOW",
          "availabilityImpact": "COMPLETE",
          "confidentialityImpact": "COMPLETE"
        },
        "severity": "HIGH",
        "acInsufInfo": false,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "exploitabilityScore": 8.0,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      },
      "baseMetricV3": {
        "cvssV3": {
          "scope": "CHANGED",
          "version": "3.1",
          "baseScore": 9.9,
          "attackVector": "NETWORK",
          "baseSeverity": "CRITICAL",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "integrityImpact": "HIGH",
          "userInteraction": "NONE",
          "attackComplexity": "LOW",
          "availabilityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "confidentialityImpact": "HIGH"
        },
        "impactScore": 6.0,
        "exploitabilityScore": 3.1
      }
    },
    "publishedDate": "2021-03-24T21:15Z",
    "configurations": {
      "nodes": [{
        "operator": "OR",
        "cpe_match": [{
            "cpe23Uri": "cpe:2.3:a:cisco:jabber:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "versionEndExcluding": "12.1.5"
          },
          {
            "cpe23Uri": "cpe:2.3:a:cisco:jabber:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "versionEndExcluding": "12.5.4",
            "versionStartIncluding": "12.5.0"
          },
          {
            "cpe23Uri": "cpe:2.3:a:cisco:jabber:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "versionEndExcluding": "12.6.5",
            "versionStartIncluding": "12.6.0"
          },
          {
            "cpe23Uri": "cpe:2.3:a:cisco:jabber:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "versionEndExcluding": "12.7.4",
            "versionStartIncluding": "12.7.0"
          },
          {
            "cpe23Uri": "cpe:2.3:a:cisco:jabber:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "versionEndExcluding": "12.8.5",
            "versionStartIncluding": "12.8.0"
          },
          {
            "cpe23Uri": "cpe:2.3:a:cisco:jabber:*:*:*:*:*:windows:*:*",
            "vulnerable": true,
            "versionEndExcluding": "12.9.5",
            "versionStartIncluding": "12.9.0"
          }
        ]
      }],
      "CVE_data_version": "4.0"
    },
    "lastModifiedDate": "2021-03-29T17:32Z"
  }
}