Product Endpoints
- 05 May 2022
- 3 Minutes to read
- Print
- DarkLight
- PDF
Product Endpoints
- Updated on 05 May 2022
- 3 Minutes to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
These endpoints provide the ability to search for products and get information about those products.
Get Products - Returns detailed information about the specified product(s).
Get Latest Version for Dependency - Returns the latest version of a specified dependency.
Search - Perform a search for products, packages, and GitHub repositories.
Get Products
The v1/vulnerabilities/getProducts endpoint returns information about a given CPE or product name.
| Endpoint | |
| v1/vulnerabilities/getProducts | |
| Request Method | |
| GET | |
| Parameter | Description |
| external_id | The CPE of a product. Required if product parameter is not used. |
| product | A product name. This will return the top 10 results matching that product. Required if external_id parameter is not used. |
Request Example:
curl -H "Authorization: Bearer TOKEN" \
https://api.ionchannel.io/v1/vulnerability/getProducts?external_id=cpe:/a:nokogiri:nokogiri:1.8.0::~~~ruby~~Response Example:
{
"data": [
{
"id": 0,
"name": "nokogiri",
"org": "nokogiri",
"version": "1.8.0",
"up": "",
"edition": "",
"aliases": null,
"created_at": "2021-01-05T22:34:24Z",
"updated_at": "2021-01-05T22:34:24Z",
"title": "",
"references": [
{
"Product": "https://rubygems.org/gems/nokogiri"
},
{
"Vendor": "https://nokogiri.org/"
},
{
"Version": "https://github.com/sparklemotion/nokogiri"
}
],
"part": "",
"language": "",
"external_id": "cpe:/a:nokogiri:nokogiri:1.8.0::~~~ruby~~",
"source": [
{
"id": 1,
"name": "NVD",
"description": "National Vulnerability Database",
"created_at": "2017-02-09T20:18:35.385658Z",
"updated_at": "2017-02-13T20:12:05.342693Z",
"attribution": "Copyright © 1999–2017, The MITRE Corporation. CVE and the CVE logo are registered trademarks and CVE-Compatible is a trademark of The MITRE Corporation.",
"license": "Submissions: For all materials you submit to the Common Vulnerabilities and Exposures (CVE®), you hereby grant to The MITRE Corporation (MITRE) and all CVE Numbering Authorities (CNAs) a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute such materials and derivative works. Unless required by applicable law or agreed to in writing, you provide such materials on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE.\n\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\n",
"copyright_url": "http://cve.mitre.org/about/termsofuse.html"
}
],
"confidence": 1,
"vulnerability_count": 2,
"mttr_seconds": null,
"vulnerabilities": null
}
],
"meta": {
"total_count": 1,
"limit": 10,
"offset": 0
}
}Get Latest Version for Dependency
The v1/dependency/getLatestVersionForDependency endpoint returns the most recent version of a specified product.
| Endpoint | |
| v1/dependency/getLatestVersionForDependency | |
| Request Method | |
| GET | |
| Parameter | Description |
| name | The dependency name. |
| type | The dependency ecosystem (e.g. java, ruby, javascript, python, go) |
Request Example:
curl -H "Authorization: Bearer TOKEN" \
"https://api.ionchannel.io/v1/dependency/getLatestVersionForDependency?name=nokogiri&type=ruby"Response Example:
{
"meta": {
"copyright": "Copyright 2017 - Ion Channel Corp (ionchannel.io)",
"authors": [
"tlpinney",
"Matthew Mayer"
],
"version": "v1",
"total_count": 1
},
"links": {
"self": "https://api.ionchannel.io/v1/dependency/getLatestVersionForDependency?name=nokogiri&type=ruby"
},
"timestamps": {
"created": "2021-10-20T00:22:03.850Z",
"updated": "2021-10-20T00:22:03.866Z"
},
"data": {
"version": "1.12.5"
}
}Search
The v1/search endpoint allows you to search for products. Searches can include product names, versions, and organizations.
| Endpoint | |
| v1/search | |
| Request Method | |
| GET | |
| Parameter | Description |
| q | The query to perform. Spaces should be replaced with a +. Special characters should be HTML encoded. |
| tbs | (optional) The type of search to perform. Valid types are products, packages, repos, or reports, which will search all 3 types. The default value is products. |
| offset | (optional) An integer to indicate the position of the first vulnerability to be returned (e.g., an offset of 10 will not return the first 10 vulnerabilities). The default offset is 0. |
| limit | (optional) An integer to set the maximum number of vulnerabilities to return. The default limit is 10. |
Request Example
curl -H "Authorization: Bearer TOKEN" \
"https://api.ionchannel.io/v1/search?q=ruby+2.1.10&tbs=products&offset=0&limit=1"Response Example
{
"data": [
{
"id": 0,
"name": "ruby",
"org": "ruby-lang",
"version": "2.1.10",
"up": "",
"edition": "",
"aliases": null,
"created_at": "2021-11-16T17:14:50Z",
"updated_at": "2021-11-16T17:14:50Z",
"title": "",
"references": null,
"part": "",
"language": "",
"external_id": "cpe:/a:ruby-lang:ruby:2.1.10",
"source": null,
"confidence": 1,
"vulnerability_count": 27,
"mttr_seconds": null,
"vulnerabilities": null
}
],
"meta": {
"total_count": 1249,
"limit": 1,
"offset": 0,
"duration_ms": 393
}
}Was this article helpful?
