Best way to query vulnerabilities with CVE ID

Hi, I am looking for the most appropriate API endpoint to call to check number of instances of a known CVE.

I see that you can call either ‘/api/3/vulnerabilities/’ or ‘/api/3/vulnerabilities/{id}’ if you have the vulnerability id value.

Is it possible to perform a search based only on the CVE ID?


So those endpoints don’t actually show you just the assets with the instances but instead show you all possible vulnerability checks that we can perform.

What you’re probably looking for is POST Asset Search

The payload would be using vulnerability-title contains “CVE-XXXX-XXXX”:

    "match": "all",
    "filters": [
            "field": "vulnerability-title",
            "operator": "contains",
            "value": "CVE-XXXX-XXXX"