GET
/
v1
/
tenant
/
shiftleft
/
iac
/
scans
/
{scanId}
/
vulnerabilities
List IaC Vulnerabilities by scanId
curl --request GET \
  --url https://{region}.api.plerion.com/v1/tenant/shiftleft/iac/scans/{scanId}/vulnerabilities \
  --header 'Authorization: Bearer <token>'
{
  "data": [
    {
      "id": "1",
      "createdAt": "2023-06-30T06:07:18.797Z",
      "updatedAt": "2023-06-30T06:07:18.797Z",
      "tenantId": "tenant-123",
      "organizationId": "org-456",
      "vulnerabilityId": "CVE-2023-12345",
      "description": "This is a sample vulnerability description.",
      "severityLevel": "HIGH",
      "title": "Sample Vulnerability Title",
      "primaryUrl": "https://example.com/cve/CVE-2023-12345",
      "packages": [
        {
          "name": "sample-package",
          "type": "npm",
          "fixedVersion": "1.0.1",
          "installedVersion": "1.0.0"
        }
      ],
      "publishedDate": "2023-06-15",
      "cwes": [
        {
          "id": "1",
          "name": "CWE-123",
          "cweId": "CWE-123",
          "source": "MITRE",
          "sourceUrl": "https://example.com/cwe/CWE-123",
          "description": "This is a sample CWE description."
        }
      ],
      "hasKev": true,
      "hasExploit": false,
      "knownExploit": null,
      "exploits": [
        {
          "id": "1",
          "title": "Sample Exploit Title",
          "description": "This is a sample exploit description.",
          "source": "MITRE",
          "sourceUrl": "https://example.com/exploit/CVE-2023-12345"
        }
      ],
      "severityLevelValue": 4,
      "file": "/node/CVE-2023-12345/package-lock.json"
    }
  ],
  "meta": {
    "page": 123,
    "perPage": 123,
    "total": 123,
    "hasNextPage": true,
    "hasPreviousPage": true
  }
}

Authorizations

Authorization
string
header
required

Bearer API Key. For example, "Bearer {Tenant API Key}"

Headers

Authorization
string
required

Bearer API Key. For example, "Bearer {Tenant API Key}"

Content-Type
string

application/json

Path Parameters

scanId
string
required

Scan ID

Query Parameters

ids
string

Filter vulnerabilities based on ids. Accepts a comma-separated list of ids.

Example:
["uuid1,uuid2,uuid3"]
vulnerabilityIds
string

Filter vulnerabilities based on vulnerability id. Accepts a comma-separated list of vulnerability id.

Example:

"CVE-2022-22965,CVE-2022-22966,CVE-2022-22967"

severitySources
string

Filter vulnerabilities based on severitySource. Accepts a comma-separated list of severitySource.

Example:

"nvd,github,debian"

files
string

Filter vulnerabilities based on file. Accepts a comma-separated list of file.

Example:

"file1,file2"

hasKevs
boolean

Filter vulnerabilities based on hasKev. Accepts a comma-separated list of boolean value.

Example:

"true,false"

hasExploits
boolean

Filter vulnerabilities based on hasExploit. Accepts a comma-separated list of boolean value.

Example:

"true,false"

severityLevels
enum<string>

Filter vulnerabilities based on severity. Accepts a comma-separated list of severity.

Available options:
CRITICAL,
HIGH,
MEDIUM,
LOW
Example:

"CRITICAL,HIGH"

sortBy
enum<string>

Sort results by the specified field.

Available options:
id,
vulnerabilityId,
severityLevel,
severitySource,
hasKev,
hasExploit,
file,
createdAt,
updatedAt
Example:

"createdAt"

sortOrder
enum<string>

Sort order for the results.

Available options:
asc,
desc
Example:

"asc"

page
integer

Page number for the results. Accepts a positive integer.

Example:

1

perPage
integer

Number of results per page. Accepts a positive integer.

Example:

10

Response

200
application/json

Successful response with the list of vulnerabilities

The response is of type object.