Vulnerabilities API¶

Query and manage vulnerability matches for your software inventory.

List Vulnerabilities¶

Retrieve matched vulnerabilities across your inventory.

GET /api/vulnerabilities
Authorization: Bearer <token>

Query Parameters¶

Parameter	Type	Description
`page`	integer	Page number (default: 1)
`per_page`	integer	Items per page (default: 50, max: 200)
`cve_id`	string	Filter by CVE ID (e.g., `CVE-2024-0001`)
`severity`	string	Filter: `critical`, `high`, `medium`, `low`
`priority`	string	Filter: `critical`, `high`, `medium`, `low` (SentriKat priority)
`product_id`	integer	Filter by product
`organization_id`	integer	Filter by organization
`ransomware`	boolean	Filter KEVs known to be used in ransomware
`in_kev`	boolean	Filter by CISA KEV catalog inclusion
`status`	string	Filter: `open`, `mitigated`, `accepted`, `false_positive`
`sort`	string	Sort: `severity`, `epss_score`, `due_date`, `created_at`
`order`	string	`asc` or `desc`

Example¶

curl "https://sentrikat.example.com/api/vulnerabilities?severity=critical&in_kev=true&status=open" \
  -H "Authorization: Bearer <token>"

Response¶

{
  "items": [
    {
      "id": 1,
      "cve_id": "CVE-2024-0001",
      "description": "Remote code execution vulnerability in Example Software",
      "severity": "critical",
      "cvss_score": 9.8,
      "epss_score": 0.87,
      "in_kev": true,
      "ransomware_use": true,
      "kev_due_date": "2024-03-01",
      "priority": "critical",
      "status": "open",
      "affected_products": [
        {"id": 1, "name": "Example Software", "version": "1.0.0"}
      ],
      "affected_assets": 12,
      "remediation": "Upgrade to version 1.0.1 or later",
      "references": [
        "https://nvd.nist.gov/vuln/detail/CVE-2024-0001"
      ],
      "created_at": "2024-02-01T00:00:00Z"
    }
  ],
  "total": 23,
  "page": 1,
  "per_page": 50,
  "pages": 1
}

Get Vulnerability¶

Retrieve details for a specific vulnerability.

GET /api/vulnerabilities/{id}
Authorization: Bearer <token>

Get Vulnerability by CVE ID¶

GET /api/vulnerabilities/cve/{cve_id}
Authorization: Bearer <token>

Example¶

curl "https://sentrikat.example.com/api/vulnerabilities/cve/CVE-2024-0001" \
  -H "Authorization: Bearer <token>"

Update Vulnerability Status¶

Change the status of a vulnerability match.

PATCH /api/vulnerabilities/{id}
Authorization: Bearer <token>
Content-Type: application/json

{
  "status": "mitigated",
  "notes": "Upgraded to patched version on 2024-02-15"
}

Status Values¶

Status	Description
`open`	Active vulnerability requiring attention
`mitigated`	Remediation applied
`accepted`	Risk accepted with justification
`false_positive`	Not applicable to your environment

Vulnerability Summary¶

Get aggregated vulnerability statistics.

GET /api/vulnerabilities/summary
Authorization: Bearer <token>

Response¶

{
  "total": 156,
  "by_severity": {
    "critical": 3,
    "high": 18,
    "medium": 67,
    "low": 68
  },
  "by_status": {
    "open": 88,
    "mitigated": 45,
    "accepted": 15,
    "false_positive": 8
  },
  "kev_count": 5,
  "ransomware_count": 2,
  "average_epss": 0.23
}

Export Vulnerabilities¶

Export vulnerability data in various formats.

GET /api/vulnerabilities/export?format=csv
Authorization: Bearer <token>

Supported formats: csv, json, pdf

Query Parameters¶

Same as List Vulnerabilities, plus:

Parameter	Type	Description
`format`	string	Export format: `csv`, `json`, `pdf`