List

curl --request GET \
  --url https://{region}.api.plerion.com/v1/tenant/vulnerabilities \
  --header 'Authorization: Bearer <token>'

{
  "data": [
    {
      "schemaVersion": "2022-06-09",
      "assetId": "prn:assets:a",
      "organizationId": "98ca8825-a65a-4b50-a6f0-4851c406aedc",
      "tenantId": "98ca8825-a65a-4b50-a6f0-4851c406aedc",
      "integrationId": "98ca8825-a65a-4b50-a6f0-4851c406aedc",
      "vulnerabilityId": "CVE-2022-22965",
      "provider": "AWS",
      "assetType": "AWS::EC2::Instance",
      "description": "A flaw was found in shadow-utils.",
      "severityLevel": "HIGH",
      "firstObservedAt": "2023-10-27T04:54:37.830Z",
      "lastObservedAt": "2023-10-27T04:54:37.830Z",
      "publishedDate": "2023-10-27T04:54:37.830Z",
      "executionId": "1678607803935",
      "title": "Sample Vulnerability Title",
      "targetName": "EcsTaskDefinition:15 > nginx:1.19.1-alpine-perl",
      "severitySource": "redhat",
      "primaryUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-22965",
      "packages": [
        {
          "packageName": "sample-package",
          "targetName": "EcsTaskDefinition:15 > nginx:1.19.1-alpine-perl",
          "targetType": "sample-target-type",
          "targetPath": "ip-172-31-29-14.ap-southeast-2.compute.internal",
          "targetClass": "os-pkgs",
          "fixedVersion": "1.0.1",
          "installedVersion": "1.0.0"
        }
      ],
      "cwes": [
        {
          "id": "1",
          "name": "CWE-123",
          "cweId": "CWE-123",
          "source": "MITRE",
          "sourceUrl": "https://example.com/cwe/CWE-123",
          "description": "This is a sample CWE description."
        }
      ],
      "hasKev": true,
      "hasExploit": false,
      "hasVendorFix": true,
      "knownExploit": "<unknown>",
      "exploits": [
        {
          "id": "1",
          "title": "Sample Exploit Title",
          "description": "This is a sample exploit description.",
          "source": "MITRE",
          "sourceUrl": "https://example.com/exploit/CVE-2023-12345"
        }
      ],
      "exemptions": [
        {
          "exemptionId": "e26380da-946e-496e-bebe-9774dae93ed5",
          "exemption": {
            "name": "exemption-rule-001",
            "reason": "ACCEPTED_RISK",
            "createdAt": "2025-06-05T04:54:49.495Z",
            "updatedAt": "2025-06-05T04:54:49.495Z",
            "rules": [
              {
                "exemptionType": "ASSET_VULNERABILITY",
                "vulnerabilityId": "CVE-2025-12345",
                "vulnerabilityIds": [
                  "CVE-2025-12345"
                ],
                "assetIds": [
                  "prn:assets:c00720a1-c167-4fbf-87ea-b6172949b62d:aws:ec2:instance:ap-southeast-2:i-02dd74c78250f9f1a"
                ],
                "assetGroupIds": [
                  "e26380da-946e-496e-bebe-9774dae93ed5"
                ],
                "assetRegions": [
                  "ap-southeast-2"
                ],
                "assetTags": [
                  {
                    "key": "Owner",
                    "value": "TeamOne"
                  }
                ],
                "noVendorFix": false
              }
            ]
          }
        }
      ],
      "severityLevelValue": 4
    }
  ],
  "meta": {
    "page": 123,
    "perPage": 123,
    "total": 123,
    "hasNextPage": true,
    "hasPreviousPage": true
  }
}

List Vulnerabilities in a tenant

Use the list vulnerabilities API to filter vulnerabilities across the tenant with many options from Organization, Tenant, Integration, Asset, Severity, etc. By default all vulnerabilities are returned.

Date range filtering is supported using the firstObservedAtStart and firstObservedAtEnd parameters:

firstObservedAtStart alone: Includes vulnerabilities observed from the specified date to the present.
firstObservedAtEnd alone: Includes vulnerabilities observed up to the specified date.
Both provided: Includes vulnerabilities observed within the specified date range.

Date strings must follow ISO 8601 format (e.g., 2023-02-01T18:09:07Z).

GET

tenant

vulnerabilities

List

curl --request GET \
  --url https://{region}.api.plerion.com/v1/tenant/vulnerabilities \
  --header 'Authorization: Bearer <token>'

{
  "data": [
    {
      "schemaVersion": "2022-06-09",
      "assetId": "prn:assets:a",
      "organizationId": "98ca8825-a65a-4b50-a6f0-4851c406aedc",
      "tenantId": "98ca8825-a65a-4b50-a6f0-4851c406aedc",
      "integrationId": "98ca8825-a65a-4b50-a6f0-4851c406aedc",
      "vulnerabilityId": "CVE-2022-22965",
      "provider": "AWS",
      "assetType": "AWS::EC2::Instance",
      "description": "A flaw was found in shadow-utils.",
      "severityLevel": "HIGH",
      "firstObservedAt": "2023-10-27T04:54:37.830Z",
      "lastObservedAt": "2023-10-27T04:54:37.830Z",
      "publishedDate": "2023-10-27T04:54:37.830Z",
      "executionId": "1678607803935",
      "title": "Sample Vulnerability Title",
      "targetName": "EcsTaskDefinition:15 > nginx:1.19.1-alpine-perl",
      "severitySource": "redhat",
      "primaryUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-22965",
      "packages": [
        {
          "packageName": "sample-package",
          "targetName": "EcsTaskDefinition:15 > nginx:1.19.1-alpine-perl",
          "targetType": "sample-target-type",
          "targetPath": "ip-172-31-29-14.ap-southeast-2.compute.internal",
          "targetClass": "os-pkgs",
          "fixedVersion": "1.0.1",
          "installedVersion": "1.0.0"
        }
      ],
      "cwes": [
        {
          "id": "1",
          "name": "CWE-123",
          "cweId": "CWE-123",
          "source": "MITRE",
          "sourceUrl": "https://example.com/cwe/CWE-123",
          "description": "This is a sample CWE description."
        }
      ],
      "hasKev": true,
      "hasExploit": false,
      "hasVendorFix": true,
      "knownExploit": "<unknown>",
      "exploits": [
        {
          "id": "1",
          "title": "Sample Exploit Title",
          "description": "This is a sample exploit description.",
          "source": "MITRE",
          "sourceUrl": "https://example.com/exploit/CVE-2023-12345"
        }
      ],
      "exemptions": [
        {
          "exemptionId": "e26380da-946e-496e-bebe-9774dae93ed5",
          "exemption": {
            "name": "exemption-rule-001",
            "reason": "ACCEPTED_RISK",
            "createdAt": "2025-06-05T04:54:49.495Z",
            "updatedAt": "2025-06-05T04:54:49.495Z",
            "rules": [
              {
                "exemptionType": "ASSET_VULNERABILITY",
                "vulnerabilityId": "CVE-2025-12345",
                "vulnerabilityIds": [
                  "CVE-2025-12345"
                ],
                "assetIds": [
                  "prn:assets:c00720a1-c167-4fbf-87ea-b6172949b62d:aws:ec2:instance:ap-southeast-2:i-02dd74c78250f9f1a"
                ],
                "assetGroupIds": [
                  "e26380da-946e-496e-bebe-9774dae93ed5"
                ],
                "assetRegions": [
                  "ap-southeast-2"
                ],
                "assetTags": [
                  {
                    "key": "Owner",
                    "value": "TeamOne"
                  }
                ],
                "noVendorFix": false
              }
            ]
          }
        }
      ],
      "severityLevelValue": 4
    }
  ],
  "meta": {
    "page": 123,
    "perPage": 123,
    "total": 123,
    "hasNextPage": true,
    "hasPreviousPage": true
  }
}

Authorizations

Authorization

string

header

required

Bearer API Key. For example, "Bearer {Tenant API Key}"

Headers

Authorization

string

required

Bearer API Key. For example, "Bearer {Tenant API Key}"

Content-Type

string

application/json

Query Parameters

vulnerabilityIds

string

Filter vulnerabilities on vulnerability ids. Accepts a comma-separated list with a maximum length of 100

Example:

[
  "CVE-2022-22965,CVE-2022-22966,CVE-2022-22967"
]

assetIds

string

Filter vulnerabilities on asset ids. Accepts a comma-separated list with a maximum length of 10

Example:

["prn:assets:a,prn:assets:b"]

providers

enum<string>

Filter vulnerabilities based on provider. Accepts a comma-separated list of providers.

Available options:

AWS,

Azure,

GCP,

Kubernetes

Example:

"AWS,GCP"

executionIds

string

Filter vulnerabilities on execution ids. Accepts a comma-separated list with a maximum length of 10

Example:

"1678607803935,1778607801234"

integrationIds

string

Filter vulnerabilities on integration ids. Accepts a comma-separated list with a maximum length of 10

Example:

"UUID1,UUID2"

assetGroupIds

string

Filter vulnerabilities on asset group ids. Accepts a comma-separated list of asset group ids.

Example:

"UUID1,UUID2"

environmentIds

string

Filter vulnerabilities based on environments. This parameter accepts both environment IDs (UUIDs) and environment names.

Supported environment names:

'production' — Production environment
'non-production' — Non-production environment

You can provide environment IDs, names, or a combination of both. Names are resolved to IDs internally before filtering.

Example:

"production,550e8400-e29b-41d4-a716-446655440000"

packageName

string

Filter vulnerabilities on a package name.

Example:

"lodash"

regions

string

Filter vulnerabilities on asset regions.

Example:

"us-east-1,us-west-2"

targetName

string

Filter vulnerabilities on a target name. For ECS Task Definitions this will be {TaskDefinition}:{revision} > {containerImage}

Example:

"EcsTaskDefinition:15 > nginx:1.19.1-alpine-perl"

targetType

string

Filter vulnerabilities on a target type.

Example:

"targetType"

targetClass

string

Filter vulnerabilities on a target class.

Example:

"lang-pkgs,os-pkgs"

hasKev

boolean

Filter vulnerabilities on hasKev. Accepts true or false.

Example:

true

isExempted

boolean

default:false

Filter vulnerabilities based on exemptions. Returns exempted vulnerabilities if set true. Accepts true or false.

Example:

true

isExploitable

boolean

Filter vulnerabilities based on exploitability under the Common Vulnerability Scoring System (CVSS). Accepts true or false.

Example:

true

hasExploit

boolean

Filter vulnerabilities on hasExploit. Accepts true or false.

Example:

true

hasVendorFix

boolean

Filter vulnerabilities where the affected packages have a fixed version. Is true if any affected package has a fixed version. Accepts true or false.

Example:

true

severityLevels

enum<string>

Filter vulnerabilities on severity. Accepts a comma-separated list.

Available options:

CRITICAL,

HIGH,

MEDIUM,

LOW,

INFORMATIONAL,

UNKNOWN

Example:

"CRITICAL,HIGH"

firstObservedAtStart

string<date-time>

Start of the date range for filtering vulnerabilities based on the first observed time. Specify the start of the range using a valid ISO 8601 date-time string. If firstObservedAtStart is provided and firstObservedAtEnd is omitted, results will include vulnerabilities observed from this date to the present. Supported formats include:

yyyy-MM-ddTHH:mm:ssZ (e.g., 2020-12-18T08:00:00Z)
yyyy-MM-ddTHH:mm:ss.SSSZ (e.g., 2020-12-18T08:00:00.000Z)

Example:

"2023-02-01T18:09:07Z"

firstObservedAtEnd

string<date-time>

End of the date range for filtering vulnerabilities based on the first observed time. Specify the end of the range using a valid ISO 8601 date-time string. If firstObservedAtEnd is provided and firstObservedAtStart is omitted, results will include vulnerabilities observed up to this date. Supported formats include:

yyyy-MM-ddTHH:mm:ssZ (e.g., 2020-12-18T08:00:00Z)
yyyy-MM-ddTHH:mm:ss.SSSZ (e.g., 2020-12-18T08:00:00.000Z)

Example:

"2023-02-01T18:09:07Z"

sortBy

enum<string>

Sort results by the specified field.

Available options:

hasKev,

hasExploit,

lastObservedAt,

firstObservedAt,

severityLevelValue

Example:

"hasExploit"

sortOrder

enum<string>

Sort order for the results.

Available options:

ASC,

DESC

Example:

"ASC"

page

integer

default:1

Page number for the results. Accepts a positive integer.

Required range: x >= 1

Example:

10

perPage

integer

default:100

Number of results per page. Accepts a positive integer.

Required range: x <= 2000

Example:

50

Response

Successful response with the list of vulnerabilities

data

object[]

Show child attributes

data.schemaVersion

string

Example:

"2022-06-09"

data.assetId

string

Example:

"prn:assets:a"

data.organizationId

string

Example:

"98ca8825-a65a-4b50-a6f0-4851c406aedc"

data.tenantId

string

Example:

"98ca8825-a65a-4b50-a6f0-4851c406aedc"

data.integrationId

string

Example:

"98ca8825-a65a-4b50-a6f0-4851c406aedc"

data.vulnerabilityId

string

Example:

"CVE-2022-22965"

data.provider

string

Example:

"AWS"

data.assetType

string

Example:

"AWS::EC2::Instance"

data.description

string

Example:

"A flaw was found in shadow-utils."

data.severityLevel

string

Example:

"HIGH"

data.firstObservedAt

string

Example:

"2023-10-27T04:54:37.830Z"

data.lastObservedAt

string

Example:

"2023-10-27T04:54:37.830Z"

data.publishedDate

string

Example:

"2023-10-27T04:54:37.830Z"

data.executionId

string

Example:

"1678607803935"

data.title

string

Example:

"Sample Vulnerability Title"

data.targetName

string

Example:

"EcsTaskDefinition:15 > nginx:1.19.1-alpine-perl"

data.severitySource

string

Example:

"redhat"

data.primaryUrl

string

Example:

"https://nvd.nist.gov/vuln/detail/CVE-2022-22965"

data.packages

object[]

Show child attributes

data.packages.packageName

string

Example:

"sample-package"

data.packages.targetName

string

Example:

"EcsTaskDefinition:15 > nginx:1.19.1-alpine-perl"

data.packages.targetType

string

Example:

"sample-target-type"

data.packages.targetPath

string

Example:

"ip-172-31-29-14.ap-southeast-2.compute.internal"

data.packages.targetClass

string

Example:

"os-pkgs"

data.packages.fixedVersion

string

Example:

"1.0.1"

data.packages.installedVersion

string

Example:

"1.0.0"

data.cwes

object[]

Show child attributes

data.cwes.id

string

Example:

"1"

data.cwes.name

string

Example:

"CWE-123"

data.cwes.cweId

string

Example:

"CWE-123"

data.cwes.source

string

Example:

"MITRE"

data.cwes.sourceUrl

string

Example:

"https://example.com/cwe/CWE-123"

data.cwes.description

string

Example:

"This is a sample CWE description."

data.hasKev

boolean

Example:

true

data.hasExploit

boolean

Example:

false

data.hasVendorFix

boolean

Example:

true

data.knownExploit

object

Show child attributes

data.knownExploit.id

string

Example:

"1"

data.knownExploit.title

string

Example:

"Sample Exploit Title"

data.knownExploit.description

string

Example:

"This is a sample exploit description."

data.knownExploit.source

string

Example:

"MITRE"

data.knownExploit.sourceUrl

string

Example:

"https://example.com/exploit/CVE-2023-12345"

Example:

{
  "cveID": "CVE-2022-22965",
  "notes": "",
  "dueDate": "2022-04-25",
  "product": "Spring Framework",
  "dateAdded": "2022-04-04",
  "vendorProject": "VMware",
  "requiredAction": "Apply updates per vendor instructions.",
  "shortDescription": "Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.",
  "vulnerabilityName": "Spring Framework JDK 9+ Remote Code Execution Vulnerability"
}

data.exploits

object[]

Show child attributes

data.exploits.id

string

Example:

"1"

data.exploits.title

string

Example:

"Sample Exploit Title"

data.exploits.description

string

Example:

"This is a sample exploit description."

data.exploits.source

string

Example:

"MITRE"

data.exploits.sourceUrl

string

Example:

"https://example.com/exploit/CVE-2023-12345"

data.exemptions

null | object[]

Show child attributes

data.exemptions.exemptionId

string<uuid>

Example:

"e26380da-946e-496e-bebe-9774dae93ed5"

data.exemptions.exemption

object

Show child attributes

data.exemptions.exemption.name

string

data.exemptions.exemption.reason

enum<string>

Available options:

ACCEPTED_RISK,

COMPENSATING_CONTROL,

NO_VENDOR_FIX,

NOT_IN_USE,

OTHER_REASONS

data.exemptions.exemption.rules

object[]

Show child attributes

data.exemptions.exemption.rules.exemptionType

enum<string>

Available options:

ASSET_VULNERABILITY,

BULK_EXEMPTION

data.exemptions.exemption.rules.vulnerabilityId

null | string

data.exemptions.exemption.rules.vulnerabilityIds

null | string[]

data.exemptions.exemption.rules.assetIds

null | string[]

data.exemptions.exemption.rules.assetRegions

null | string[]

data.exemptions.exemption.rules.assetGroupIds

null | string<uuid>[]

data.exemptions.exemption.rules.assetTags

null | object[]

Show child attributes

data.exemptions.exemption.rules.assetTags.key

string

data.exemptions.exemption.rules.assetTags.value

string

data.exemptions.exemption.rules.noVendorFix

boolean<nullable>

Example:

true

data.exemptions.exemption.createdAt

string

data.exemptions.exemption.updatedAt

string

Example:

[
  {
    "exemptionId": "e26380da-946e-496e-bebe-9774dae93ed5",
    "exemption": {
      "name": "exemption-rule-001",
      "reason": "ACCEPTED_RISK",
      "createdAt": "2025-06-05T04:54:49.495Z",
      "updatedAt": "2025-06-05T04:54:49.495Z",
      "rules": [
        {
          "exemptionType": "ASSET_VULNERABILITY",
          "vulnerabilityId": "CVE-2025-12345",
          "vulnerabilityIds": ["CVE-2025-12345"],
          "assetIds": [
            "prn:assets:c00720a1-c167-4fbf-87ea-b6172949b62d:aws:ec2:instance:ap-southeast-2:i-02dd74c78250f9f1a"
          ],
          "assetGroupIds": ["e26380da-946e-496e-bebe-9774dae93ed5"],
          "assetRegions": ["ap-southeast-2"],
          "assetTags": [{ "key": "Owner", "value": "TeamOne" }],
          "noVendorFix": false
        }
      ]
    }
  }
]

data.severityLevelValue

integer

Example:

4

Overview

API documentation

List Vulnerabilities in a tenant

Authorizations

Headers

Query Parameters

Response