Supported Input Formats
The domain variable can be sent to API in different forms such as Punycode, Unicode, lower-case, and upper-case. If the domain variable is sent as FQDN i.e. with a subdomain, API extracts the domain from input and returns all other TLDs data successfully.
Examples of Supported Input Formats
Vulnerability search using a particular CVE ID
You can either use uppercase or lowercase Common Vulnerabilities and Exposures (CVE) ID values for a vulnerability search.
$ curl --request POST \
--url 'https://api.deepinfo.com/v1/discovery/vulnerability-search?page=1&page_size=100' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '
{
"must": [
{
"name": "cve_data_meta.id",
"type": "eq",
"value": "CVE-2021-0001"
}
]
}
'
Vendor and product vulnerability search
You can perform vulnerability searches using vendor, product, and version names.
$ curl --request POST \
--url 'https://api.deepinfo.com/v1/discovery/vulnerability-search?page=1&page_size=100' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '
{
"must": [
{
"name": "enrichment.cpe.vendor",
"type": "eq",
"value": "apple"
},
{
"name": "enrichment.cpe.product",
"value": "iphone_os",
"type": "eq"
},
{
"name": "enrichment.cpe.affected_versions",
"type": "eq",
"value": "1.0.0"
}
]
}
'
Vulnerability search by severity and score values
You can classify vulnerabilities according to their severity and security scores.
$ curl --request POST \
--url 'https://api.deepinfo.com/v1/discovery/vulnerability-search?page=1&page_size=100' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '
{
"should": [
{
"name": "impact.base_metric_v3.cvss_v3.base_score",
"type": "gte",
"value": "8.0"
},
{
"name": "impact.base_metric_v3.cvss_v3.base_severity",
"type": "eq",
"value": "critical"
}
],
"must": [
{
"name": "enrichment.cpe.vendor",
"value": "apple",
"type": "eq"
}
]
}
'
Vulnerability search by CWE name or ID
You can classify vulnerabilities by their Common Weakness Enumeration (CWE) name or ID.
$ curl --request POST \
--url 'https://api.deepinfo.com/v1/discovery/vulnerability-search?page=1&page_size=100' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '
{
"should": [
{
"name": "enrichment.cwe.name",
"type": "wildcard",
"value": "*Cross-site Scripting*"
},
{
"name": "problem_type.problem_type_data.description.value",
"value": "CWE-79",
"type": "eq"
}
]
}
'
Vulnerability search by CPE name
You can discover vulnerabilities by their Common Platform Enumeration (CPE) names.
$ curl --request POST \
--url 'https://api.deepinfo.com/v1/discovery/vulnerability-search?page=1&page_size=100' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '
{
"must": [
{
"name": "enrichment.cpe.cpe_names",
"type": "eq",
"value": "cpe:2.3:o:apple:iphone_os:1.0.1:-:iphone:*:*:*:*:*"
}
]
}
'
Vulnerability search by CAPEC ID
You can discover vulnerabilities by their Common Attack Pattern Enumeration and Classification (CAPEC) IDs. For example, the following command returns vulnerabilities (CVEs) related to the CAPEC-469: HTTP Denial-of-Service (DoS) attack pattern.
$ curl --request POST \
--url 'https://api.deepinfo.com/v1/discovery/vulnerability-search?page=1&page_size=100' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '
{
"must": [
{
"name": "enrichment.cwe.capec_id",
"type": "eq",
"value": "469"
}
]
}
'
Updated about 3 years ago