Products API
GET /vendors/<string:vendor>/products
List the products associated to a vendor.
Parameters:
search
(optional): filter by keywordpage
(optional, default: 1): the page to start
Example request:
GET /api/vendors/wordpress/products HTTP/1.1
Host: example.com
Accept: application/json
Example response:
HTTP/1.1 200 OK
[
...
{
"name": "wordpress_mu",
"human_name": "Wordpress Mu"
},
...
]
GET /vendors/<string:vendor>/products/<string:product>
Get a specific product of a vendor.
Example request:
GET /api/vendors/wordpress/products/wordpress_mu HTTP/1.1
Host: example.com
Accept: application/json
Example response:
HTTP/1.1 200 OK
{
"name": "wordpress_mu",
"human_name": "Wordpress Mu"
}
GET /vendors/<string:vendor>/products/<string:product>/cve
Get the list of CVEs associated to a product.
Parameters:
search
(optional): filter by keyword in summarycvss
(optional): filter by CVSS (one ofnone
,low
,medium
,high
,critical
)cwe
(optional): filter by CWEpage
(optional, default: 1): the page to start
Example request:
GET /api/vendors/wordpress/products/wordpress_mu/cve HTTP/1.1
Host: example.com
Accept: application/json
Example response:
HTTP/1.1 200 OK
[
...
{
"id": "CVE-2009-2335",
"summary": "WordPress and WordPress MU before 2.8.1 exhibit different behavior for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. NOTE: the vendor reportedly disputes the significance of this issue, indicating that the behavior exists for \"user convenience.\"",
"created_at": "2009-07-10T21:00:00Z",
"updated_at": "2018-11-08T20:38:00Z"
},
...
]