Ion Channel Bunsen API

Base URL: /v1, Version: 0.0.3

Get some really good info on software

Default response content-types: application/json
Schemes: https

Summary

Tag: Vulnerabilities

Operation Description
GET /vulnerability/getVulnerabilities

Retrieve the vulnerabilities for a given product

POST /vulnerability/getVulnerabilities

Retrieve vulnerabilities for a list of product+versions

POST /vulnerability/getVulnerabilitiesInFile

Retrieve vulnerabilities for a list of product+versions from a file

GET /vulnerability/getVulnerability

Retrieve the vulnerability by a given name/id

Tag: Products

Operation Description
GET /vulnerability/getProducts

Get list of CPEs for org/product and version

Tag: Subscriptions

Operation Description
POST /vulnerability/subscribe

Subscribe a user email (NOT AVAILABLE)

POST /vulnerability/unsubscribe

Unsubscribe user email (NOT AVAILABLE)

Paths

Get list of CPEs for org/product and version

GET /vulnerability/getProducts

Tags: Products

the getProducts endpoint returns a list of CPEs for a given org/product and version.

product

the org/product or product to be queried

query string
version

the version of the product to be queried

query string

Uses default content-types: application/json

200 OK

An object containing the list of CPEs/products

404 Not Found

No products found for org/product and version

default

Unexpected error

Retrieve the vulnerabilities for a given product

GET /vulnerability/getVulnerabilities

Tags: Vulnerabilities

the getVulnerabilities endpoint returns a list of vulnerabilities for a given product and version.

product

The name of the product to search against

query string
version

The version of the product to search against

query string
page

Returns all records if set to false

query string
limit

Limit number of records to respond with

query integer 10
offset

Starting record for responses

query integer

Uses default content-types: application/json

200 OK

An object containing the list of vulnerabilities

404 Not Found

No product and version were not found

default

Unexpected error

Retrieve vulnerabilities for a list of product+versions

POST /vulnerability/getVulnerabilities

Tags: Vulnerabilities

Receive a list of products and version, and return a list of vulnerabilities for each.

application/json

application/json

200 OK

Post Successful - Vulnerabilities processes and returned.

404 Not Found

Product (and version) was not found

default

Unexpected error

Retrieve vulnerabilities for a list of product+versions from a file

POST /vulnerability/getVulnerabilitiesInFile

Tags: Vulnerabilities

Receive a list of products and version in a file, and return a list of vulnerabilities for each.

multipart/form-data

file

The file uploaded

formData file

application/json

200 OK

An object containing the list of vulnerabilities

404 Not Found

No vulnerability by name was not found

default

Unexpected error

Retrieve the vulnerability by a given name/id

GET /vulnerability/getVulnerability

Tags: Vulnerabilities

the getVulnerability endpoint returns a vulnerability for a given name/id.

name

The name of the vulnerability (e.g. CVE-2016-0001)

query string

Uses default content-types: application/json

200 OK

An object containing the list of vulnerabilities

404 Not Found

No vulnerability by name was not found

default

Unexpected error

Subscribe a user email (NOT AVAILABLE)

POST /vulnerability/subscribe

Tags: Subscriptions

Subscribe a user to register to receive notification whan a given CVE Id changes.

email

Email of the subscriber

formData string
ids

The CVE list (comma separated) list of cve to subscribe for updates to

formData string

Uses default content-types: application/json

200 OK

Post Successful - User subscribed to getting notification

404 Not Found

vulnerability was not found

default

Unexpected error

Unsubscribe user email (NOT AVAILABLE)

POST /vulnerability/unsubscribe

Tags: Subscriptions

Unsubscribe user email from receiving update when CVE updates are made

email

Email of the subscriber

formData string
ids

The CVE list (comma separated) list of cve to subscribe for updates to

formData string

Uses default content-types: application/json

200 OK

Post Successful - User un-subscribed to getting notification

404 Not Found

The vulnerability or email was not found

default

Unexpected error

Schema definitions

Error: object

code: integer (int32)
message: string
fields: string

Meta: object

copyright: string

Copyright info

authors: string

Authors

version: string

API version

last_update: string

Last update of source data (optional)

Product: object

id: string

Project/product name

version: string

Version of the project/product

vendor: string

Name of project owner

update_id: string

Version extension (for some projects)

name: string

The CPE2.1 name

part: string

Part name for the project

edition: string

Edition name for the project

language: string

Defined language for the project

record_id: string

RecordID for the project

vulnerable_software_list: string

List of vulnerable software

references: string[]

List of references associated with the project

string
title: string

Summary of project and version

cpe23_name: string

CPE2.3 version of the name

sw_edition: string

SW Edition

target_sw: string

Target SW (arch/platform)

ProductAndVersion: object

product: string

Product name ("jdk" or "oracle/jdk")

version: string

Version of the product

Products: object

data: object[]
meta: Meta
timestamps: Timestamps
links: Links

ProductVulnerabilities: object

data: object[]

Subscription: object

data: object
message: string

Simple message stating what happened

meta: Meta
timestamps: Timestamps
links: Links

Timestamps: object

created: string

Time the object was created

updated: string

Time the object was last updated

Vulnerabilities: object

data: object[]
product: string
version: string
meta: Meta
timestamps: Timestamps
links: Links

Vulnerability: object

id: string

Unique identifier representing a specific scan

references: string[]

url reference

string
last_modified: string (date-time)

Version provided to query for vulnerabilities

summary: string

short description of the vulnerabilities

scanner: string

system that performed the scan

date_generated: string (date-time)

The date this cve was generated

vulnerability_source: string

The source that created the cve

integrity_impact: string

impact to the vulnerable components

assessment_check: string

The url in which to assess this vulnerability

vulnerable_software_list: object[]

List of vulnerable software

vulnerability_score: string

The score yield to this vulnerability

access_vector: string

Attack vector. Remoteness of the attacker relative to the vulnerable component.

access_complexity: string

Metric that defines if any software, hardware, or networking condition beyond the attacker's control that must exist or occur in order for the vulnerability to be successfully exploited

date_published: string (date-time)

The date this vulnerabilty was verified and published

vulnerability_authentication: string

level of authentication needed to accomplish this attack

confidentiality_impact: string

The level of person info (PII) exposed with this attack