CVE Vulnerabilities
Overview
Get the Common Vulnerabilities and Exposures (CVE) summary of an application. The service returns the CVE description and the number of impacted third-party packages. These insights come from the com.castsoftware.highlight2mri scanner.
URI
GET /rest/applications/{name}/insights/cve
Path parameters
name (string)
This parameter identifies the analyzed application. The application name must be URL-encoded where required. The back-quote character is not allowed.
Query parameters
criticality (string)
Optional. Filter detection patterns on criticality level (case insensitive). See Insight CVE Criticality.
Responses
application/json
The response is the list of CVE insights. Example:
[
  {
    "id": "CVE-2021-41411",
    "description": "drools \u003C=7.59.x is affected by an XML External Entity (XXE) vulnerability ...",
    "reference": "https://nvd.nist.gov/vuln/detail/CVE-2021-41411",
    "criticality": { "id": "CRITICAL" },
    "nbPackages": 1
  },
  ...
]
JSON representation
| Property | Type | Description |
|---|---|---|
| id | string | CVE reference ID. |
| description | string | Summary. |
| reference | string | Official web page URL. |
| criticality.id | enum | Level of criticality/severity. |
| nbPackages | int | The number of impacted third-party packages. |
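Added example (not part of the original documentation or the product's own code): building the request URL with an encoded application name and the optional criticality filter, then reducing the response to a build-gate decision. The host https://imaging.example, the application name, the function names, the "UNKNOWN" bucket and the second sample entry are assumptions made for illustration.

```python
import json
from urllib.parse import quote, urlencode

# Constructed sample body: the first entry is the page's example, the second is
# a made-up entry with no criticality to exercise the fallback bucket.
SAMPLE_RESPONSE = r'''[
  {"id": "CVE-2021-41411",
   "description": "drools \u003C=7.59.x is affected by an XML External Entity (XXE) vulnerability ...",
   "reference": "https://nvd.nist.gov/vuln/detail/CVE-2021-41411",
   "criticality": {"id": "CRITICAL"}, "nbPackages": 1},
  {"id": "CVE-PLACEHOLDER-0001", "description": "constructed entry",
   "reference": "", "nbPackages": 3}
]'''


def cve_insights_url(base_url, app_name, criticality=None):
    """Build the request URL for GET /rest/applications/{name}/insights/cve."""
    if "`" in app_name:
        raise ValueError("back-quote is not allowed in the application name")
    # safe="" also percent-encodes "/", so the name stays a single path segment.
    path = "/rest/applications/" + quote(app_name, safe="") + "/insights/cve"
    query = "?" + urlencode({"criticality": criticality}) if criticality else ""
    return base_url.rstrip("/") + path + query


def packages_by_criticality(body):
    """Return {criticality.id: (cve_count, impacted_package_count)}."""
    totals = {}
    for item in json.loads(body):
        # "UNKNOWN" is this example's own bucket name, not an API value.
        level = (item.get("criticality") or {}).get("id", "UNKNOWN").upper()
        cves, pkgs = totals.get(level, (0, 0))
        totals[level] = (cves + 1, pkgs + int(item.get("nbPackages", 0)))
    return totals


def blocking_cves(body, blocking=("CRITICAL",)):
    """Return the ids of insights whose criticality should fail a build gate."""
    return [item["id"] for item in json.loads(body)
            if (item.get("criticality") or {}).get("id", "").upper() in blocking]


if __name__ == "__main__":
    print(cve_insights_url("https://imaging.example", "Web Shop & API", "critical"))
    print(packages_by_criticality(SAMPLE_RESPONSE))
    print(blocking_cves(SAMPLE_RESPONSE))
```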