User GuideAPI ReferenceCommunity

Specific Errors Scenarios

Invalid CVE ID or Format
The CVE ID must be correct and in the format CVE-YEAR-XXXX, such as CVE-2021-0001. Therefore, you must prefix CVE IDs with the term "CVE" so that you can find the relevant vulnerability details.

$ curl --request POST \
     --url 'https://api.deepinfo.com/v1/discovery/vulnerability-search?page=1&page_size=100' \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     --data '
{
     "must": [
          {
               "name": "cve_data_meta.id",
               "type": "eq",
               "value": "2021-5555"
          }
     ]
}
'

HTTP/1.1 200 
...
{
  "result_count": 0,
  "page": 1,
  "page_size": 100,
  "results": []
}

Invalid CWE ID or Format
If you use the field name "problem_type.problem_type_data.description.value" the CWE ID must be in the format CWE-XXX, such as CWE-79. Therefore, you must prefix CWE IDs with the term "CWE" so that you can find the relevant vulnerability details. Note that if you use the filed name "enrichment.cwe.id", you don't need to add the "CWE" prefix.

$ curl --request POST \
     --url 'https://api.deepinfo.com/v1/discovery/vulnerability-search?page=1&page_size=100' \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     --data '
{
     "must": [
          {
               "name": "problem_type.problem_type_data.description.value",
               "type": "eq",
               "value": "79"
          }
     ]
}
'

HTTP/1.1 200 
...
{
  "result_count": 0,
  "page": 1,
  "page_size": 100,
  "results": []
}

Invalid CPE Name or Format"
You must call the API with a valid CPE name and CPE format. Otherwise, the API doesn't bring relevant vulnerabilities. This API only supports the latest CPE definition version CPE 2.3. The CPE scheme format is given below.

cpe:<cpe_version>:<part>:<vendor>:<product>:<version>:<update>:<edition>:<language>:<sw_edition>:<target_sw>:<target_hw>:<other>

The vulnerability search below doesn't give any answer as it is using the old 2.2 version of CPE.

curl --request POST \
     --url 'https://api.deepinfo.com/v1/discovery/vulnerability-search?page=1&page_size=100' \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     --data '
{
     "must": [
          {
               "name": "enrichment.cpe.cpe_names",
               "type": "eq",
               "value": "cpe:o:apple:iphone_os:12.0
          }
     ]
}
'

HTTP/1.1 200 
...
{
  "result_count": 0,
  "page": 1,
  "page_size": 100,
  "results": []
}

Updated over 2 years ago