HEXL
Catalog/security-cve

Security

Vulnerability lookup (CVE / package) API

Look up a specific CVE from the NVD (description, CVSS score/severity, references) or known vulnerabilities in a software package from OSV. Answers 'details for CVE-2021-44228', 'is lodash 4.17.15 vulnerable', 'CVSS score for this CVE'.

Price$0.01per request
MethodPOST
Route/v1/security/cve
StatusLive
MIME typeapplication/json
Rate limit40/minute
Cache3600s public
securitycvevulnerabilitycvssnvdosvinfosec
API URLhttps://x402.hexl.dev/v1/security/cve
Integration docs
Example request
{
  "op": "cve",
  "cveId": "CVE-2021-44228"
}
Example response
{
  "op": "cve",
  "id": "CVE-2021-44228",
  "description": "Apache Log4j2 JNDI…",
  "cvssScore": 10,
  "severity": "CRITICAL",
  "published": "2021-12-10"
}
Input schema
{
  "type": "object",
  "required": [
    "op"
  ],
  "properties": {
    "op": {
      "type": "string",
      "enum": [
        "cve",
        "package"
      ]
    },
    "cveId": {
      "type": "string",
      "examples": [
        "CVE-2021-44228"
      ]
    },
    "package": {
      "type": "string"
    },
    "ecosystem": {
      "type": "string",
      "examples": [
        "npm",
        "PyPI",
        "Go"
      ]
    },
    "version": {
      "type": "string"
    }
  }
}
Output schema
{
  "type": "object",
  "additionalProperties": true
}