Vulnerabilities API
Query vulnerability data across all your monitored projects.
GET /api/vulnerabilities/summary
Returns an aggregate summary of vulnerabilities across all projects.
curl https://rorix.io/api/vulnerabilities/summary \
-H "Authorization: Bearer rxk_your_api_key_here"Response
{
"total": 23,
"critical": 2,
"high": 5,
"medium": 10,
"low": 6,
"projects_affected": 4,
"fixable": 18
}GET /api/vulnerabilities/:id
Returns detailed information about a specific vulnerability.
curl https://rorix.io/api/vulnerabilities/CVE-2024-0056 \
-H "Authorization: Bearer rxk_your_api_key_here"Response
{
"id": "CVE-2024-0056",
"title": "Microsoft.Data.SqlClient Information Disclosure",
"description": "A vulnerability in Microsoft.Data.SqlClient allows information disclosure via a man-in-the-middle attack during TLS negotiation.",
"severity": "critical",
"cvss": 8.7,
"published": "2024-01-09T00:00:00Z",
"modified": "2024-03-15T00:00:00Z",
"affected_packages": [
{
"name": "Microsoft.Data.SqlClient",
"affected_versions": "< 5.1.4",
"fixed_in": "5.1.4"
}
],
"references": [
"https://github.com/dotnet/announcements/issues/295",
"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056"
],
"projects": [
{
"id": "proj_abc123",
"name": "MyApp",
"version_used": "4.1.0"
}
]
}GET /api/vulnerabilities/aging
Returns vulnerability aging data, showing how long known vulnerabilities have been present in your projects.
curl https://rorix.io/api/vulnerabilities/aging \
-H "Authorization: Bearer rxk_your_api_key_here"Response
{
"aging": [
{ "range": "0-7 days", "count": 3 },
{ "range": "8-30 days", "count": 8 },
{ "range": "31-90 days", "count": 7 },
{ "range": "91+ days", "count": 5 }
],
"mean_time_to_remediate_days": 34
}