### Configuration Applicability Example Source: https://nvd.nist.gov/developers/vulnerabilities Example of CVE applicability statements, detailing product associations and logical relationships between CPEs. This object is optional. ```json "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:eric_allman:sendmail:5.58:*:*:*:*:*:*:*", "matchCriteriaId": "1D07F493-9C8D-44A4-8652-F28B46CBA27C" } ] } ] } ], ``` -------------------------------- ### Reference Information Example Source: https://nvd.nist.gov/developers/vulnerabilities Example of supplemental reference information for a CVE, including URLs and sources. This object is required. ```json "references": [ { "url": "http://seclists.org/fulldisclosure/2019/Jun/16", "source": "security@netgear.com" }, { "url": "http://www.openwall.com/lists/oss-security/2019/06/05/4", "source": "security@netgear.com" }, { "url": "http://www.openwall.com/lists/oss-security/2019/06/06/1", "source": "security@netgear.com" }, { "url": "http://www.securityfocus.com/bid/1", "source": "security@netgear.com" } ], ``` -------------------------------- ### Request Next Page of CPE Records Source: https://nvd.nist.gov/developers/products To fetch subsequent records, update the startIndex parameter to retrieve the next set of CPE data. This example requests records starting from index 20. ```bash https://services.nvd.nist.gov/rest/json/cpes/2.0/?resultsPerPage=20&startIndex=20 ``` -------------------------------- ### Weakness Information Example Source: https://nvd.nist.gov/developers/vulnerabilities Example of weakness information for a CVE, including source and type. This object is optional and may not be present for all CVEs. ```json "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], ``` -------------------------------- ### CVE Descriptions Example Source: https://nvd.nist.gov/developers/vulnerabilities Illustrates the structure for CVE descriptions, supporting multiple languages with ISO 639-1 identifiers. ```json "descriptions": [ { "lang": "en", "value": "The debug command in Sendmail is enabled, allowing attackers to execute commands as root." }, { "lang": "es", "value": "El comando de depuración de Sendmail está activado, permitiendo a atacantes ejecutar comandos como root." } ], ``` -------------------------------- ### CVSS Metric V2 Example Source: https://nvd.nist.gov/developers/vulnerabilities Example of CVSS v2 metrics for a CVE. This includes exploitability and impact scores. ```json "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 10.0 }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": true, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, ``` -------------------------------- ### Start Index Source: https://nvd.nist.gov/developers/vulnerabilities Specify the offset for retrieving paginated results. Used in conjunction with `resultsPerPage`. ```APIDOC ## GET /cves/2.0?startIndex={offset} ### Description Specifies the offset for retrieving paginated results. This parameter is used to fetch subsequent pages of results when `resultsPerPage` is also specified. ### Method GET ### Endpoint https://services.nvd.nist.gov/rest/json/cves/2.0 ### Parameters #### Query Parameters - **startIndex** (integer) - Optional - The starting index (offset) for the results. For example, to get the second page of results with `resultsPerPage` set to 100, `startIndex` would be 100. ### Request Example ```http GET https://services.nvd.nist.gov/rest/json/cves/2.0?startIndex=100&resultsPerPage=100 ``` ``` -------------------------------- ### Example Vendor Comment Source: https://nvd.nist.gov/developers/vulnerabilities Demonstrates the structure for vendor comments on a CVE, including organization, comment text, and modification date. ```json { "vendorComments": [ { "organization": "Red Hat", "comment": "Not vulnerable. This issue did not affect the versions of the util-linux packages (providing /bin/login), as shipped with Red Hat Enterprise Linux 2.1, 3, 4 or 5.", "lastModified": "2008-12-18T00:00:00" } ] } ``` -------------------------------- ### Example Affected Product Information Source: https://nvd.nist.gov/developers/vulnerabilities Illustrates how to represent product information affected by a CVE, including vendor, product name, and version status. ```json { "affected": [ { "source": "security@example.com ", "affectedData": [ { "vendor": "Example Technologies", "product": "Secure Portal", "versions": [ { "version": "2.1", "status": "affected" } ] } ] } ] } ``` -------------------------------- ### CVE Tags Example Source: https://nvd.nist.gov/developers/vulnerabilities Shows how CVE tags are represented in the API response, including the source identifier and the tags themselves. ```json "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ], ``` -------------------------------- ### Get Source Records with Pagination Source: https://nvd.nist.gov/developers/data-sources Retrieves source records with control over the number of results per page and the starting index for pagination. ```APIDOC ## GET /source/2.0?resultsPerPage={page limit}&startIndex={offset} ### Description Specifies the number of source records to return per API response and the index of the first record to be returned. Used for paginating through results when `totalResults` exceeds `resultsPerPage`. ### Method GET ### Endpoint https://services.nvd.nist.gov/rest/json/source/2.0/ ### Parameters #### Query Parameters - **resultsPerPage** (integer) - Optional - The maximum number of source records to return per page. Defaults to 1000, max is 1000. - **startIndex** (integer) - Optional - The zero-based index of the first source record to be returned. ### Request Example ``` https://services.nvd.nist.gov/rest/json/source/2.0/?resultsPerPage=20&startIndex=0 ``` ### Response #### Success Response (200) - **totalResults** (integer) - The total number of source records matching the request. - **startIndex** (integer) - The starting index of the current response page. - **resultsPerPage** (integer) - The number of source records returned in this response. - **sources** (array) - An array of source objects, each containing details about a data source organization. ``` -------------------------------- ### NVD Data Sources API JSON Response Example Source: https://nvd.nist.gov/developers/data-sources This is an example of a JSON response from the NVD Data Sources API. It illustrates the structure of the 'sources' object, including required and optional fields like acceptance levels. ```json { "resultsPerPage": 2, "startIndex": 0, "totalResults": 215, "format": "NVD_SOURCE", "version": "2.0", "timestamp": "2022-08-25T17:48:15.150", "sources": [ { "name": "MITRE", "contactEmail": "cve@mitre.org", "sourceIdentifiers": [ "cve@mitre.org", "security-info@sgi.com", "security@netgear.com" ], "lastModified": "2019-09-09T16:18:45.930", "created": "2019-09-09T16:18:45.930", "v3AcceptanceLevel": { "description": "Contributor", "lastModified": "2022-08-18T00:00:05.690" }, "cweAcceptanceLevel": { "description": "Reference", "lastModified": "2022-08-19T00:00:00.060" } }, { "name": "DWF", "contactEmail": "cve-assign@distributedweaknessfiling.org", "sourceIdentifiers": [ "cve-assign@distributedweaknessfiling.org", "josh@bress.net" ], "lastModified": "2019-09-09T16:18:45.930", "created": "2019-09-09T16:18:45.930", "cweAcceptanceLevel": { "description": "Reference", "lastModified": "2020-10-01T00:00:00.070" } } ] } ``` -------------------------------- ### Example SSVC Assessment Data Source: https://nvd.nist.gov/developers/vulnerabilities Shows an example of Stakeholder-Specific Vulnerability Categorization (SSVC) data for a CVE, including exploitation, automation, and impact. ```json { "ssvcV203": [ { "source": "7fec8d14-91ab-4e8d-b2f1-5c3a9f7d6210", "ssvcData": { "timestamp": "2026-05-22T21:14:25.618422Z", "id": "CVE-0000-0000", "options": [ { "exploitation": "poc" }, { "automatable": "yes" }, { "technicalImpact": "partial" } ], "role": "CISA Coordinator", "version": "2.0.3" } } ] } ``` -------------------------------- ### Request CVE Change Histories by Date Range Source: https://nvd.nist.gov/developers/vulnerabilities Example request to the CVE Change History API filtering by a specific date range. Both start and end dates are required, and the maximum range is 120 days. ```http https://services.nvd.nist.gov/rest/json/cvehistory/2.0/?changeStartDate=2021-08-04T13:00:00.000%2B01:00&changeEndDate=2021-10-22T13:36:00.000%2B01:00 ``` -------------------------------- ### Request Source Records with Pagination (First Page) Source: https://nvd.nist.gov/developers/data-sources Retrieve a specific number of source records starting from the first index. The default and maximum results per page is 1,000. ```text https://services.nvd.nist.gov/rest/json/source/2.0/?resultsPerPage=20&startIndex=0 ``` -------------------------------- ### Request Source Records with Pagination (Subsequent Page) Source: https://nvd.nist.gov/developers/data-sources Retrieve source records starting from a specified index, used for fetching subsequent pages of results. ```text https://services.nvd.nist.gov/rest/json/source/2.0/?resultsPerPage=20&startIndex=20 ``` -------------------------------- ### CVE Change History API Response Example Source: https://nvd.nist.gov/developers/vulnerabilities This JSON object represents a typical response from the CVE Change History API, illustrating the structure of change events and their associated details. ```json { "resultsPerPage": 1, "startIndex": 0, "totalResults": 558843, "format": "NVD_CVEHistory", "version": "2.0", "timestamp": "2022-10-24T12:30:00.000", "cveChanges": [ { "change": { "cveId": "CVE-2020-12448", "eventName": "Initial Analysis", "cveChangeId": "5DEF54B9-7FF3-4436-9763-2958C5B78731", "sourceIdentifier": "nvd@nist.gov", "created": "2020-05-11T15:05:30.490", "details": [ { "action": "Added", "type": "CVSS V2", "newValue": "NIST (AV:N/AC:L/Au:N/C:P/I:N/A:N)" }, { "action": "Added", "type": "CVSS V3.1", "newValue": "NIST AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "action": "Changed", "type": "Reference Type", "oldValue": "https://about.gitlab.com/blog/categories/releases/ No Types Assigned", "newValue": "https://about.gitlab.com/blog/categories/releases/ Product, Release Notes" }, { "action": "Changed", "type": "Reference Type", "oldValue": "https://about.gitlab.com/releases/2020/04/30/security-release-12-10-2-released/ No Types Assigned", "newValue": "https://about.gitlab.com/releases/2020/04/30/security-release-12-10-2-released/ Release Notes, Vendor Advisory" }, { "action": "Added", "type": "CWE", "newValue": "NIST CWE-22" }, { "action": "Added", "type": "CPE Configuration", "newValue": "OR\n *cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* versions from (including) 12.8.0 up to (excluding) 12.8.10" } ] } } ] } ``` -------------------------------- ### Paginate CVE History Results Source: https://nvd.nist.gov/developers/vulnerabilities Request a specific number of change events starting from a given index. The default and maximum results per page is 5,000. Use startIndex to retrieve subsequent pages of results. ```HTTP https://services.nvd.nist.gov/rest/json/cvehistory/2.0/?resultsPerPage=20&startIndex=0 ``` -------------------------------- ### Get CVE History with Pagination Source: https://nvd.nist.gov/developers/vulnerabilities Retrieves CVE change history with specified pagination parameters. This allows users to control the number of results per page and the starting index for fetching data, useful for handling large result sets. ```APIDOC ## GET /rest/json/cvehistory/2.0 ### Description Retrieves CVE change history with specified pagination parameters. ### Method GET ### Endpoint /rest/json/cvehistory/2.0 ### Parameters #### Query Parameters - **resultsPerPage** (integer) - Optional - The maximum number of change events to return per page. Default and maximum is 5000. - **startIndex** (integer) - Optional - The index of the first change event to return. Zero-based. - **cveId** (string) - Optional - The unique Common Vulnerabilities and Exposures identifier for the CVE. - **eventName** (string) - Optional - Filters changes by a specific event type. Spaces in the event name should be URL-encoded. - **changeStartDate** (string) - Optional - Filters changes that occurred on or after this date and time (ISO 8601 format). - **changeEndDate** (string) - Optional - Filters changes that occurred on or before this date and time (ISO 8601 format). ### Request Example ``` https://services.nvd.nist.gov/rest/json/cvehistory/2.0/?resultsPerPage=20&startIndex=0 ``` ### Response #### Success Response (200) - **totalResults** (integer) - The total number of change events matching the request. - **startIndex** (integer) - The starting index for the current page of results. - **resultsPerPage** (integer) - The number of results per page. - **cveChanges** (array) - A list of CVE change objects. - Each object contains details about a specific change event, including timestamp, type, and associated CVE ID. ``` -------------------------------- ### Paginate CPE Match String Results Source: https://nvd.nist.gov/developers/products Request a specific number of CPE Match Strings starting from a given index. This is essential for handling large datasets and retrieving results in manageable chunks. ```bash https://services.nvd.nist.gov/rest/json/cpematch/2.0/?matchStringSearch=cpe:2.3:*:cisco:adaptive_security_appliance:*&resultsPerPage=20&startIndex=0 ``` ```bash https://services.nvd.nist.gov/rest/json/cpematch/2.0/?matchStringSearch=cpe:2.3:*:cisco:adaptive_security_appliance:*&resultsPerPage=20&startIndex=20 ``` -------------------------------- ### Example JSON Response Structure Source: https://nvd.nist.gov/developers/products This JSON structure represents a response from the NVD API, detailing CPE information including product details, modification dates, and titles. ```json { "resultsPerPage": 2, "startIndex": 0, "totalResults": 2, "format": "NVD_CPE", "version": "2.0", "timestamp": "2023-01-10T19:46:53.290", "products": [ { "cpe": { "deprecated": false, "cpeName": "cpe:2.3:a:3com:3cdaemon:-:*:*:*:*:*:*:*", "cpeNameId": "BAE41D20-D4AF-4AF0-AA7D-3BD04DA402A7", "lastModified": "2011-01-12T14:35:43.723", "created": "2007-08-23T21:05:57.937", "titles": [ { "title": "3Com 3CDaemon", "lang": "en" }, { "title": "スリーコム 3CDaemon", "lang": "ja" } ] } }, { "cpe": { "deprecated": true, "cpeName": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", "cpeNameId": "DF3171C4-00E8-4B0F-97EB-2F3EC3394A87", "lastModified": "2021-06-01T14:14:47.707", "created": "2007-08-23T21:16:59.567", "titles": [ { "title": "Linux Kernel 2.6.2", "lang": "en" } ], "refs": [ { "ref": "https://github.com/torvalds/linux", "type": "Version" } ], "deprecatedBy": [ { "cpeName": "cpe:2.3:o:linux:linux_kernel:2.6.2:-:*:*:*:*:*:*", "cpeNameId": "1B4C49FC-8606-45D7-94D1-19C5626D69C7" } ], "deprecates": [ { "cpeName": "cpe:2.3:o:linux:kernel:2.6.2:*:*:*:*:*:*:*", "cpeNameId": "B548E49E-BC95-4804-A2C2-D7ACC7F72095" } ] } } ] } ``` -------------------------------- ### Request CPE Records with Pagination Source: https://nvd.nist.gov/developers/products Retrieve a specific number of CPE records starting from a given index. The default and maximum limit for resultsPerPage is 10,000. ```bash https://services.nvd.nist.gov/rest/json/cpes/2.0/?resultsPerPage=20&startIndex=0 ``` -------------------------------- ### Get Source Records by Source Identifier Source: https://nvd.nist.gov/developers/data-sources Retrieves source records where the sourceIdentifier exactly matches the provided value. ```APIDOC ## GET /source/2.0?sourceIdentifier={sourceIdentifier} ### Description Returns all source records where the exact value of `sourceIdentifiers` matches the provided `{sourceIdentifier}`. ### Method GET ### Endpoint https://services.nvd.nist.gov/rest/json/source/2.0/ ### Parameters #### Query Parameters - **sourceIdentifier** (string) - Required - The identifier of the source to retrieve records for. ### Request Example ``` https://services.nvd.nist.gov/rest/json/source/2.0?sourceIdentifier=cve@mitre.org ``` ### Response #### Success Response (200) - **totalResults** (integer) - The total number of source records matching the request. - **startIndex** (integer) - The starting index of the current response page. - **resultsPerPage** (integer) - The number of source records returned in this response. - **sources** (array) - An array of source objects, each containing details about the specified data source organization. ``` -------------------------------- ### Filter by KEV Catalog Date Range Source: https://nvd.nist.gov/developers/vulnerabilities Returns CVEs added to the CISA KEV catalog within a specified date range. Both start and end dates are required. ```APIDOC ## GET /rest/json/cves/2.0 ### Description Retrieves CVEs that were added to the CISA Known Exploited Vulnerabilities (KEV) catalog between the specified start and end dates. ### Method GET ### Endpoint /rest/json/cves/2.0 ### Parameters #### Query Parameters - **kevStartDate** (string) - Required - The start date/time for the KEV catalog inclusion period in ISO-8601 format (e.g., `YYYY-MM-DDTHH:MM:SSZ`). - **kevEndDate** (string) - Required - The end date/time for the KEV catalog inclusion period in ISO-8601 format (e.g., `YYYY-MM-DDTHH:MM:SSZ`). ### Request Example ``` https://services.nvd.nist.gov/rest/json/cves/2.0/?kevStartDate=2023-01-01T00:00:00.000Z&kevEndDate=2023-04-30T23:59:59.000Z ``` ``` -------------------------------- ### Retrieve CVE Change Histories by Date Range Source: https://nvd.nist.gov/developers/vulnerabilities Fetches all CVEs that have undergone changes within a specified date range. Both start and end dates are required, and the maximum allowable range is 120 consecutive days. Dates must be in the extended ISO-8601 format. ```APIDOC ## GET /rest/json/cvehistory/2.0 ### Description Retrieves CVE change histories within a specified date range. ### Method GET ### Endpoint https://services.nvd.nist.gov/rest/json/cvehistory/2.0/ ### Parameters #### Query Parameters - **changeStartDate** (string) - Required - The start date and time for the change history search in extended ISO-8601 format (e.g., YYYY-MM-DDTHH:MM:SSZ). - **changeEndDate** (string) - Required - The end date and time for the change history search in extended ISO-8601 format (e.g., YYYY-MM-DDTHH:MM:SSZ). ### Request Example ``` https://services.nvd.nist.gov/rest/json/cvehistory/2.0/?changeStartDate=2021-08-04T13:00:00.000%2B01:00&changeEndDate=2021-10-22T13:36:00.000%2B01:00 ``` ``` -------------------------------- ### Get CVE History by Event Name and Date Range Source: https://nvd.nist.gov/developers/vulnerabilities Retrieves all CVEs associated with a specific type of change event within a specified time frame. Each request can contain only one value for the `eventName` parameter. Empty spaces in the URL should be encoded as '%20'. ```APIDOC ## GET /rest/json/cvehistory/2.0 ### Description Retrieves CVEs associated with a specific event name and date range. ### Method GET ### Endpoint /rest/json/cvehistory/2.0 ### Parameters #### Query Parameters - **eventName** (string) - Required - Filters changes by a specific event type. Accepted values include: CVE Received, Initial Analysis, Reanalysis, CVE Modified, Modified Analysis, CVE Translated, Vendor Comment, CVE Source Update, CPE Deprecation Remap, CWE Remap, Reference Tag Update, CVE Rejected, CVE Unrejected, CVE CISA KEV Update, Data Remediation, CVE Status Change. Spaces in the event name should be URL-encoded. - **changeStartDate** (string) - Required - Filters changes that occurred on or after this date and time (ISO 8601 format). - **changeEndDate** (string) - Required - Filters changes that occurred on or before this date and time (ISO 8601 format). - **resultsPerPage** (integer) - Optional - The maximum number of change events to return per page. Default and maximum is 5000. - **startIndex** (integer) - Optional - The index of the first change event to return. Zero-based. ### Request Example ``` https://services.nvd.nist.gov/rest/json/cvehistory/2.0?eventName=CVE%20Rejected&changeStartDate=2021-08-04T13:00:00.000%2B01:00&changeEndDate=2021-10-22T13:36:00.000%2B01:00 ``` ### Response #### Success Response (200) - **totalResults** (integer) - The total number of change events matching the request. - **startIndex** (integer) - The starting index for the current page of results. - **resultsPerPage** (integer) - The number of results per page. - **cveChanges** (array) - A list of CVE change objects. - Each object contains details about a specific change event, including timestamp, type, and associated CVE ID. ``` -------------------------------- ### Get Source Records by Date Range Source: https://nvd.nist.gov/developers/data-sources Retrieves source records that were last modified within a specified date range. Both start and end dates are required. ```APIDOC ## GET /source/2.0?lastModStartDate={start date}&lastModEndDate={end date} ### Description Returns only the source records that were last modified during the specified period. Both `lastModStartDate` and `lastModEndDate` are required. The maximum allowable range is 120 consecutive days. ### Method GET ### Endpoint https://services.nvd.nist.gov/rest/json/source/2.0/ ### Parameters #### Query Parameters - **lastModStartDate** (string) - Required - The start date for filtering records by last modification date. Must be in extended ISO-8601 date/time format: `[YYYY][“-”][MM][“-”][DD][“T”][HH][“:”][MM][“:”][SS][Z]`. - **lastModEndDate** (string) - Required - The end date for filtering records by last modification date. Must be in extended ISO-8601 date/time format: `[YYYY][“-”][MM][“-”][DD][“T”][HH][“:”][MM][“:”][SS][Z]`. ### Request Example ``` https://services.nvd.nist.gov/rest/json/source/2.0/?lastModStartDate=2021-08-04T13:00:00.000%2B01:00&lastModEndDate=2021-10-22T13:36:00.000%2B01:00 ``` ### Response #### Success Response (200) - **totalResults** (integer) - The total number of source records matching the request. - **startIndex** (integer) - The starting index of the current response page. - **resultsPerPage** (integer) - The number of source records returned in this response. - **sources** (array) - An array of source objects, each containing details about a data source organization modified within the specified date range. ``` -------------------------------- ### Search CVEs by Keyword Source: https://nvd.nist.gov/developers/vulnerabilities Use the `keywordSearch` parameter to find CVEs containing specific words or phrases in their descriptions. Multiple keywords act as an AND condition. ```URL https://services.nvd.nist.gov/rest/json/cves/2.0?keywordSearch=Microsoft ``` ```URL https://services.nvd.nist.gov/rest/json/cves/2.0?keywordSearch=Windows MacOs Linux ``` -------------------------------- ### Search CPE Match Strings by Vendor and Product Pattern Source: https://nvd.nist.gov/developers/products Use this endpoint to find all CPE Match Strings where the vendor and product components match a specified pattern. This is useful for broad searches within the CPE dictionary. ```bash https://services.nvd.nist.gov/rest/json/cpematch/2.0?matchStringSearch=cpe:2.3:*:cisco:adaptive_security_appliance:* ``` -------------------------------- ### Filter CVEs by Publication Date Source: https://nvd.nist.gov/developers/vulnerabilities Use `pubStartDate` and `pubEndDate` to retrieve CVEs published within a specific date range. Both parameters are required, and the maximum range is 120 days. Dates must be in ISO-8601 format. ```URL https://services.nvd.nist.gov/rest/json/cves/2.0/?pubStartDate=2021-08-04T00:00:00.000&pubEndDate=2021-10-22T00:00:00.000 ``` ```URL https://services.nvd.nist.gov/rest/json/cves/2.0/?pubStartDate=2020-01-01T00:00:00.000-05:00&pubEndDate=2020-01-14T23:59:59.999-05:00 ``` -------------------------------- ### Get All Source Records Source: https://nvd.nist.gov/developers/data-sources Retrieves detailed information on all organizations that provide data to the NVD. This is the default request when no parameters are provided. ```APIDOC ## GET /source/2.0 ### Description Retrieves detailed information on all organizations that provide the data contained in the NVD dataset. ### Method GET ### Endpoint https://services.nvd.nist.gov/rest/json/source/2.0 ### Parameters #### Query Parameters - **lastModStartDate** (string) - Optional - The start date for filtering records by last modification date. Must be in ISO-8601 format. - **lastModEndDate** (string) - Optional - The end date for filtering records by last modification date. Must be in ISO-8601 format. - **resultsPerPage** (integer) - Optional - The maximum number of source records to return per page. Defaults to 1000, max is 1000. - **sourceIdentifier** (string) - Optional - Filters records to return only those where the sourceIdentifier exactly matches the provided value. - **startIndex** (integer) - Optional - The zero-based index of the first source record to return. ### Response #### Success Response (200) - **totalResults** (integer) - The total number of source records matching the request. - **startIndex** (integer) - The starting index of the current response page. - **resultsPerPage** (integer) - The number of source records returned in this response. - **sources** (array) - An array of source objects, each containing details about a data source organization. ``` -------------------------------- ### Filter CVEs by KEV Catalog Inclusion Date Range Source: https://nvd.nist.gov/developers/vulnerabilities Use `kevStartDate` and `kevEndDate` to retrieve CVEs added to the CISA KEV catalog within a specific date range. Both parameters are required and must be in extended ISO-8601 format. ```URL https://services.nvd.nist.gov/rest/json/cves/2.0/?kevStartDate=2023-01-01T00:00:00.000Z&kevEndDate=2023-04-30T23:59:59.000Z ``` -------------------------------- ### Publication Date Range Source: https://nvd.nist.gov/developers/vulnerabilities Filter CVEs based on their publication date. Both start and end dates are required, and the maximum range is 120 days. ```APIDOC ## GET /cves/2.0?pubStartDate={start date}&pubEndDate={end date} ### Description Returns CVEs that were added to the NVD (published) during the specified period. Both `pubStartDate` and `pubEndDate` are required. The maximum allowable range is 120 consecutive days. ### Method GET ### Endpoint https://services.nvd.nist.gov/rest/json/cves/2.0 ### Parameters #### Query Parameters - **pubStartDate** (string) - Required - The start of the publication period in ISO-8601 format (YYYY-MM-DDTHH:MM:SSZ). - **pubEndDate** (string) - Required - The end of the publication period in ISO-8601 format (YYYY-MM-DDTHH:MM:SSZ). ### Request Example ```http GET https://services.nvd.nist.gov/rest/json/cves/2.0/?pubStartDate=2021-08-04T00:00:00.000&pubEndDate=2021-10-22T00:00:00.000 GET https://services.nvd.nist.gov/rest/json/cves/2.0/?pubStartDate=2020-01-01T00:00:00.000-05:00&pubEndDate=2020-01-14T23:59:59.999-05:00 ``` ``` -------------------------------- ### Keyword Search Source: https://nvd.nist.gov/developers/vulnerabilities Retrieve CVEs containing specific keywords in their descriptions. Multiple keywords act as an AND condition. A wildcard is implicitly appended to each keyword. ```APIDOC ## GET /cves/2.0?keywordSearch={keywords} ### Description Returns CVEs where a word or phrase is found in the current description. Multiple keywords function as an 'AND' statement. Keyword search operates as though a wildcard is placed after each keyword provided. ### Method GET ### Endpoint https://services.nvd.nist.gov/rest/json/cves/2.0 ### Parameters #### Query Parameters - **keywordSearch** (string) - Required - A word or phrase to search for in CVE descriptions. Multiple keywords should be space-separated. ### Request Example ```http GET https://services.nvd.nist.gov/rest/json/cves/2.0?keywordSearch=Microsoft GET https://services.nvd.nist.gov/rest/json/cves/2.0?keywordSearch=Windows MacOs Linux ``` ``` -------------------------------- ### Last Modification Date Range Source: https://nvd.nist.gov/developers/vulnerabilities Filter CVEs based on their last modification date. Both start and end dates are required, and the maximum range is 120 days. ```APIDOC ## GET /cves/2.0?lastModStartDate={start date}&lastModEndDate={end date} ### Description Returns CVEs that were last modified during the specified period. Both `lastModStartDate` and `lastModEndDate` are required. The maximum allowable range is 120 consecutive days. ### Method GET ### Endpoint https://services.nvd.nist.gov/rest/json/cves/2.0 ### Parameters #### Query Parameters - **lastModStartDate** (string) - Required - The start of the modification period in ISO-8601 format (YYYY-MM-DDTHH:MM:SSZ). - **lastModEndDate** (string) - Required - The end of the modification period in ISO-8601 format (YYYY-MM-DDTHH:MM:SSZ). ### Request Example ```http GET https://services.nvd.nist.gov/rest/json/cves/2.0/?lastModStartDate=2021-08-04T13:00:00.000%2B01:00&lastModEndDate=2021-10-22T13:36:00.000%2B01:00 ``` ``` -------------------------------- ### Filter by Exact Keyword Match Source: https://nvd.nist.gov/developers/vulnerabilities Returns CVEs where the 'keywordSearch' value matches the description exactly as a phrase. Requires 'keywordSearch' to be set. ```APIDOC ## GET /rest/json/cves/2.0 ### Description Retrieves CVEs where the search term in `keywordSearch` matches the description as an exact phrase. ### Method GET ### Endpoint /rest/json/cves/2.0 ### Parameters #### Query Parameters - **keywordSearch** (string) - Required - The keyword or phrase to search for in CVE descriptions. - **keywordExactMatch** (boolean) - Optional - If present, ensures that `keywordSearch` matches the entire phrase exactly. ### Request Example ``` https://services.nvd.nist.gov/rest/json/cves/2.0?keywordSearch=Microsoft Outlook&keywordExactMatch ``` ``` -------------------------------- ### Request Source Records by Source Identifier Source: https://nvd.nist.gov/developers/data-sources Retrieve source records matching a specific source identifier. A request without parameters returns all source records. ```text https://services.nvd.nist.gov/rest/json/source/2.0?sourceIdentifier=cve@mitre.org ``` -------------------------------- ### Filter CVEs by Exact Keyword Phrase Source: https://nvd.nist.gov/developers/vulnerabilities Use `keywordSearch` with `keywordExactMatch` to find CVEs where a specific phrase appears exactly in the description. `keywordSearch` is required when `keywordExactMatch` is used. ```URL https://services.nvd.nist.gov/rest/json/cves/2.0?keywordSearch=Microsoft Outlook&keywordExactMatch ``` -------------------------------- ### Retrieve CPE Records with Pagination Source: https://nvd.nist.gov/developers/products This endpoint allows you to retrieve CPE records with specific pagination controls. You can specify the number of results per page and the starting index for the records. ```APIDOC ## GET /rest/json/cpes/2.0 ### Description Retrieves CPE records with specified pagination parameters. ### Method GET ### Endpoint /rest/json/cpes/2.0 ### Parameters #### Query Parameters - **resultsPerPage** (integer) - Optional - The maximum number of CPE records to return per page. Defaults to 10,000. - **startIndex** (integer) - Optional - The zero-based index of the first CPE record to return. Defaults to 0. ### Request Example ``` https://services.nvd.nist.gov/rest/json/cpes/2.0/?resultsPerPage=20&startIndex=0 ``` ### Response #### Success Response (200) - **resultsPerPage** (integer) - The number of CPE records returned in this response. - **startIndex** (integer) - The starting index of the returned CPE records. - **totalResults** (integer) - The total number of CPE records matching the request. - **format** (string) - The format of the API response. - **version** (string) - The version of the API. - **timestamp** (string) - The date and time the response was generated. - **products** (array) - An array of CPE objects. - **cpe** (object) - Details about a specific CPE record. - **deprecated** (boolean) - Indicates if the CPE is deprecated. - **deprecatedBy** (string) - If deprecated, the CPE Name that replaces it. - **cpeName** (string) - The CPE name. - **cpeNameId** (string) - The unique identifier for the CPE name. - **dateCreated** (string) - The date and time the CPE was added. - **dateLastModified** (string) - The date and time the CPE was last modified. - **titles** (object) - Additional metadata for the CPE. ``` -------------------------------- ### Filter by Keyword Search Source: https://nvd.nist.gov/developers/vulnerabilities Returns CVEs where any of the provided keywords are found in the current description. ```APIDOC ## GET /rest/json/cves/2.0 ### Description Retrieves CVEs where the specified keywords appear in the CVE description. ### Method GET ### Endpoint /rest/json/cves/2.0 ### Parameters #### Query Parameters - **keywordSearch** (string) - Required - One or more keywords or a phrase to search for within CVE descriptions. ### Request Example ``` https://services.nvd.nist.gov/rest/json/cves/2.0?keywordSearch=remote code execution ``` ``` -------------------------------- ### Filter CVEs with CERT/CC Vulnerability Notes Source: https://nvd.nist.gov/developers/vulnerabilities Use the `hasCertNotes` parameter to retrieve CVEs containing a Vulnerability Note from CERT/CC. This parameter does not require a value. ```URL https://services.nvd.nist.gov/rest/json/cves/2.0?hasCertNotes ``` -------------------------------- ### CVE API Response Structure Source: https://nvd.nist.gov/developers/vulnerabilities This snippet details the primary objects returned by the CVE API, including pagination information, API metadata, and the core 'vulnerabilities' array. It also explains the structure of the 'cve' object within the vulnerabilities array, highlighting required and optional fields such as CISA KEV data and nested objects like descriptions and metrics. ```APIDOC ## CVE API Response Details ### Description The CVE API returns several primary objects in the response body, including pagination details (`resultsPerPage`, `startIndex`, `totalResults`), API metadata (`format`, `version`, `timestamp`), and the main `vulnerabilities` array. - `totalResults`: Indicates the total number of CVE matching the request criteria. - `resultsPerPage`: The number of results returned per page. - `startIndex`: The starting point for subsequent requests. - `format`: The format of the API response. - `version`: The version of the API. - `timestamp`: The time the response was generated. - `vulnerabilities`: An array of CVE objects, sorted by publication date. ### `vulnerabilities` Object This object contains an array of CVE objects. Each object in the array represents a CVE and is sorted in ascending order by the `published` property. ### `cve` Object (Required) This object contains core information about the CVE: - **`id`** (string): The CVE ID (e.g., CVE-2023-12345). - **`sourceIdentifier`** (string): An identifier for the source of the CVE. - **`published`** (string): The date and time the CVE was published. - **`lastModified`** (string): The date and time the CVE was last modified. - **`vulnStatus`** (string): The CVE's status in the NVD. #### Optional Fields within `cve` Object: - **`evaluatorComment`** (string): Additional context from the evaluator. - **`evaluatorImpact`** (string): Evaluator's assessment of the impact. - **`evaluatorSolution`** (string): Evaluator's suggested solution. - **`cisaExploitAdd`** (string): Date added to CISA's Known Exploited Vulnerabilities (KEV) Catalog. - **`cisaActionDue`** (string): Date by which federal agencies must complete required action. - **`cisaRequiredAction`** (string): The required action from CISA BOD 22-01. - **`cisaVulnerabilityName`** (string): The name of the vulnerability in the CISA KEV Catalog. #### Nested Optional Objects within `cve` Object: - **`cveTags`** (array of objects): Provides contextual information about the CVE. - `sourceIdentifier` (string): The organization that provided the CVE Tag information. - `tags` (array of strings): Relevant CVE Tags (e.g., "disputed"). ```json "cveTags": [ { "sourceIdentifier": "cve@mitre.org", "tags": [ "disputed" ] } ] ``` - **`descriptions`** (array of objects, Required): Contains a description of the CVE in one or more languages. - `lang` (string): ISO 639-1 language identifier (e.g., "en", "es"). - `value` (string): The description text. ```json "descriptions": [ { "lang": "en", "value": "The debug command in Sendmail is enabled, allowing attackers to execute commands as root." }, { "lang": "es", "value": "El comando de depuración de Sendmail está activado, permitiendo a atacantes ejecutar comandos como root." } ] ``` - **`metrics`** (object, Optional): Contains information on the CVE's impact, including CVSSv2 or CVSSv3 data if analyzed. - `source` (string): The organization that provided the metrics information. - `type` (string): Whether the source is primary or secondary. ```