API Documentation (V2)
Vulnerability Findings
curl --request GET \
--url https://api.leen.dev/v2/vulnerability_findings \
--header 'X-API-KEY: <api-key>' \
--header 'X-CONNECTION-ID: <api-key>'{
"items": [
{
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"severity": "CRITICAL",
"state": "OPEN",
"type": "DEPENDENCY",
"vendor_attributes": {
"id": "<string>",
"state": "<string>",
"severity": "<string>",
"url": "<string>",
"updated_at": "2023-11-07T05:31:56Z",
"created_at": "2023-11-07T05:31:56Z",
"vulnerability_identifiers": [
{
"type": "CVE",
"value": "<string>"
}
],
"data": {
"report_type": "SAST",
"scanner": {
"id": "<string>",
"vendor": "<string>",
"name": "<string>"
},
"vendor": "GITLAB"
}
},
"title": "<string>",
"description": "<string>",
"analytic_output": "<string>",
"first_seen": "2023-11-07T05:31:56Z",
"last_seen": "2023-11-07T05:31:56Z",
"ticket": {
"uid": "<string>",
"url": "<string>",
"status": "<string>"
},
"has_fix": true,
"remediation": "<string>",
"product": {
"vendor_name": "<string>",
"name": "<string>"
},
"analytic": {
"type": "<string>",
"uid": "<string>",
"name": "<string>",
"url": "<string>"
},
"resource_related": [
{
"affected_code": {
"file_path": "<string>",
"start_line_number": 123,
"end_line_number": 123,
"url": "<string>"
},
"affected_image": "<string>",
"affected_os": "<string>",
"affected_package": {
"name": "<string>",
"version": "<string>",
"package_manager": "<string>",
"reachability": "REACHABLE"
},
"affected_platform": "<string>",
"port": 123,
"protocol": "<string>",
"service": "<string>"
}
],
"state_updated_at": "2023-11-07T05:31:56Z",
"resources": [
{
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"name": "<string>",
"type": "BRANCH",
"state": "ACTIVE",
"vendor": "<string>",
"vendor_attributes": {
"id": "<string>",
"data": {
"vendor": "qualys",
"host_id": "<string>",
"asset_id": "<string>",
"tracking_method": "<string>"
}
},
"tags": [
{
"key": "<string>",
"value": "<string>",
"source": "wiz_vms"
}
],
"groups": [
{
"name": "<string>",
"uid": "<string>"
}
],
"data": {
"hostnames": [
"<string>"
],
"image": "<string>"
},
"cloud_metadata": {
"account_id": "<string>",
"account_name": "<string>",
"cloud_provider": "<string>",
"image_id": "<string>",
"instance_id": "<string>",
"instance_type": "<string>",
"region": "<string>",
"subnet_id": "<string>",
"vpc_id": "<string>"
},
"url": "<string>",
"first_seen": "2023-11-07T05:31:56Z",
"last_seen": "2023-11-07T05:31:56Z"
}
],
"vulnerabilities": [
{
"uid": "<string>",
"published": "2023-11-07T05:31:56Z",
"last_modified": "2023-11-07T05:31:56Z",
"status": "<string>",
"source_identifier": "<string>",
"cvss_scores": [
{
"version": "<string>",
"score": 123,
"vector": "<string>",
"severity": "<string>"
}
],
"description": "<string>",
"references": [
{
"url": "<string>",
"source": "<string>",
"tags": [
"<string>"
]
}
],
"weaknesses": [
"<string>"
],
"created_at": "2023-11-07T05:31:56Z",
"updated_at": "2023-11-07T05:31:56Z"
}
]
}
],
"next_cursor": "<string>",
"previous_cursor": "<string>"
}List Vulnerability Findings
List vulnerability findings with keyset pagination and filtering options.
- severity: Filter by severity (comma-separated list, e.g., ‘CRITICAL,HIGH’)
- state: Filter by state (comma-separated list, e.g., ‘OPEN,REOPENED’)
- has_fix: Filter by whether a fix is available
- first_seen_since: Filter by findings first seen after this date
- last_seen_since: Filter by findings last seen after this date
- state_updated_since: Filter by findings with state updated after this date
- resourceId: Filter by resource ID (comma-separated list)
- ids: Filter by finding IDs (comma-separated list of UUIDs, max 100)
curl --request GET \
--url https://api.leen.dev/v2/vulnerability_findings \
--header 'X-API-KEY: <api-key>' \
--header 'X-CONNECTION-ID: <api-key>'{
"items": [
{
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"severity": "CRITICAL",
"state": "OPEN",
"type": "DEPENDENCY",
"vendor_attributes": {
"id": "<string>",
"state": "<string>",
"severity": "<string>",
"url": "<string>",
"updated_at": "2023-11-07T05:31:56Z",
"created_at": "2023-11-07T05:31:56Z",
"vulnerability_identifiers": [
{
"type": "CVE",
"value": "<string>"
}
],
"data": {
"report_type": "SAST",
"scanner": {
"id": "<string>",
"vendor": "<string>",
"name": "<string>"
},
"vendor": "GITLAB"
}
},
"title": "<string>",
"description": "<string>",
"analytic_output": "<string>",
"first_seen": "2023-11-07T05:31:56Z",
"last_seen": "2023-11-07T05:31:56Z",
"ticket": {
"uid": "<string>",
"url": "<string>",
"status": "<string>"
},
"has_fix": true,
"remediation": "<string>",
"product": {
"vendor_name": "<string>",
"name": "<string>"
},
"analytic": {
"type": "<string>",
"uid": "<string>",
"name": "<string>",
"url": "<string>"
},
"resource_related": [
{
"affected_code": {
"file_path": "<string>",
"start_line_number": 123,
"end_line_number": 123,
"url": "<string>"
},
"affected_image": "<string>",
"affected_os": "<string>",
"affected_package": {
"name": "<string>",
"version": "<string>",
"package_manager": "<string>",
"reachability": "REACHABLE"
},
"affected_platform": "<string>",
"port": 123,
"protocol": "<string>",
"service": "<string>"
}
],
"state_updated_at": "2023-11-07T05:31:56Z",
"resources": [
{
"id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
"name": "<string>",
"type": "BRANCH",
"state": "ACTIVE",
"vendor": "<string>",
"vendor_attributes": {
"id": "<string>",
"data": {
"vendor": "qualys",
"host_id": "<string>",
"asset_id": "<string>",
"tracking_method": "<string>"
}
},
"tags": [
{
"key": "<string>",
"value": "<string>",
"source": "wiz_vms"
}
],
"groups": [
{
"name": "<string>",
"uid": "<string>"
}
],
"data": {
"hostnames": [
"<string>"
],
"image": "<string>"
},
"cloud_metadata": {
"account_id": "<string>",
"account_name": "<string>",
"cloud_provider": "<string>",
"image_id": "<string>",
"instance_id": "<string>",
"instance_type": "<string>",
"region": "<string>",
"subnet_id": "<string>",
"vpc_id": "<string>"
},
"url": "<string>",
"first_seen": "2023-11-07T05:31:56Z",
"last_seen": "2023-11-07T05:31:56Z"
}
],
"vulnerabilities": [
{
"uid": "<string>",
"published": "2023-11-07T05:31:56Z",
"last_modified": "2023-11-07T05:31:56Z",
"status": "<string>",
"source_identifier": "<string>",
"cvss_scores": [
{
"version": "<string>",
"score": 123,
"vector": "<string>",
"severity": "<string>"
}
],
"description": "<string>",
"references": [
{
"url": "<string>",
"source": "<string>",
"tags": [
"<string>"
]
}
],
"weaknesses": [
"<string>"
],
"created_at": "2023-11-07T05:31:56Z",
"updated_at": "2023-11-07T05:31:56Z"
}
]
}
],
"next_cursor": "<string>",
"previous_cursor": "<string>"
}Query Parameters
Sort by field Sort by field
Filter by severity (comma-separated list, e.g., 'CRITICAL,HIGH') Filter by severity (comma-separated list, e.g., 'CRITICAL,HIGH')
Filter by state (comma-separated list, e.g., 'OPEN,REOPENED') Filter by state (comma-separated list, e.g., 'OPEN,REOPENED')
Filter by whether a fix is available Filter by whether a fix is available
Filter by findings first seen after this date Filter by findings first seen after this date
Filter by findings last seen after this date Filter by findings last seen after this date
Filter by findings with state updated after this date Filter by findings with state updated after this date
Filter by resource ID (comma-separated list) Filter by resource ID (comma-separated list)
Filter by finding IDs (comma-separated list of UUIDs, max 100) Filter by finding IDs (comma-separated list of UUIDs, max 100)
Datetime filter, only return items updated since this datetime. Example format: 2021-01-01T00:00:00+00:00
Datetime filter, only return items updated since this datetime. Example format: 2021-01-01T00:00:00+00:00
Skip token to continue from the last item in the previous page Skip token to continue from the last item in the previous page
Limit size (page size) Limit size (page size)
x >= 0Response
Successful Response
List of items returned in the response
Show child attributes
Show child attributes
Leen's UUID for the vulnerability finding
Severity of the vulnerability finding
CRITICAL, HIGH, MEDIUM, LOW, INFO, UNKNOWN State of the vulnerability finding
OPEN, CLOSED, REOPENED, IGNORED, DELETED, UNKNOWN Type of the vulnerability finding
DEPENDENCY, CODE, SECRET, CONTAINER, IAC, HOST, UNKNOWN Vendor-specific attributes of the finding
Show child attributes
Show child attributes
Vendor-reported ID of the vulnerability finding
Vendor-reported state of the vulnerability finding
Vendor-reported severity of the vulnerability finding
URL to the finding in the vendor platform
Timestamp when the vendor last updated the finding
Timestamp when the vendor first created the finding
List of additional vulnerability identifiers (CVE, CWE, …) reported by the vendor
- AppSecIssueVulnIdentifierCVE
- AppSecIssueVulnIdentifierCWE
- AppSecIssueVulnIdentifierOWASP
- AppSecIssueVulnIdentifierOther
- AppSecIssueVulnIdentifierGHSA
Vendor-specific data associated with the finding
- GitlabGraphqlVulnerabilityVendorAttributesData
- UpwindVulnerabilityFindingVendorAttributesData
- CheckmarxVulnerabilityFindingVendorAttributesData
- SemgrepVendorAttributesData
- AikidoVulnerabilityFindingVendorAttributesData
- ArnicaVendorAttributesData
- QualysVulnerabilityVendorData
- GitHubVulnerabilityFindingVendorAttributesData
- TenableVulnerabilityVendorData
- OrcaVulnerabilityFindingVendorAttributesData
- WizCodeVendorAttributesData
Show child attributes
Show child attributes
SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, SECRET_DETECTION GITLAB "GITLAB"Title of the vulnerability finding
Description of the vulnerability finding
Analytic output of the vulnerability finding
First seen of the vulnerability finding
Last seen of the vulnerability finding
Has fix of the vulnerability finding
Remediation of the vulnerability finding
Resource related of the vulnerability finding
Show child attributes
Show child attributes
Show child attributes
Show child attributes
REACHABLE, POTENTIALLY_REACHABLE, UNREACHABLE, UNKNOWN Last time the state was updated for the finding
List of resources associated with the finding
Show child attributes
Show child attributes
Leen's UUID for the resource
Resource name
Type of the resource
BRANCH, HOST, CONTAINER, DEPENDENCY, IMAGE, REPOSITORY, UNKNOWN State of the resource
ACTIVE, IGNORED, DELETED, INACTIVE, QUARANTINED, UNKNOWN The source vendor of the resource
Vendor-specific attributes like IDs
Show child attributes
Show child attributes
Vendor specific ID
Vendor specific data
- QualysDeviceVendorData
- TenableDeviceVendorData
- OrcaResourceVendorAttributesData
Show child attributes
Show child attributes
qualys "qualys"Cloud metadata for the resource
Show child attributes
Show child attributes
Cloud account identifier
Cloud account name
Cloud service provider
Cloud image identifier
Cloud instance identifier
Type of cloud instance
Cloud region
Cloud subnet identifier
Cloud VPC identifier
URL associated with the resource
Timestamp when the resource was first seen
Timestamp when the resource was last seen
List of CVE Knowledge Base entries associated with the finding
Show child attributes
Show child attributes
Skip token to continue from the last item in the previous page
Skip token to continue from the first item in the previous page