Skip to main content
GET
/
vms
/
vulnerabilities
List Vulnerabilities
curl --request GET \
  --url https://api.leen.dev/v1/vms/vulnerabilities \
  --header 'X-API-KEY: <api-key>' \
  --header 'X-CONNECTION-ID: <api-key>'
import requests

url = "https://api.leen.dev/v1/vms/vulnerabilities"

headers = {
"X-CONNECTION-ID": "<api-key>",
"X-API-KEY": "<api-key>"
}

response = requests.get(url, headers=headers)

print(response.text)
const options = {
method: 'GET',
headers: {'X-CONNECTION-ID': '<api-key>', 'X-API-KEY': '<api-key>'}
};

fetch('https://api.leen.dev/v1/vms/vulnerabilities', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.leen.dev/v1/vms/vulnerabilities",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"X-API-KEY: <api-key>",
"X-CONNECTION-ID: <api-key>"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"net/http"
"io"
)

func main() {

url := "https://api.leen.dev/v1/vms/vulnerabilities"

req, _ := http.NewRequest("GET", url, nil)

req.Header.Add("X-CONNECTION-ID", "<api-key>")
req.Header.Add("X-API-KEY", "<api-key>")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.get("https://api.leen.dev/v1/vms/vulnerabilities")
.header("X-CONNECTION-ID", "<api-key>")
.header("X-API-KEY", "<api-key>")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api.leen.dev/v1/vms/vulnerabilities")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["X-CONNECTION-ID"] = '<api-key>'
request["X-API-KEY"] = '<api-key>'

response = http.request(request)
puts response.read_body
{
  "count": 123,
  "items": [
    {
      "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
      "name": "<string>",
      "description": "<string>",
      "scan_output": "<string>",
      "cve": [
        "<string>"
      ],
      "cvss_version": "<string>",
      "cvss_vector": "<string>",
      "cvss_temporal_score": 123,
      "cvss_temporal_vector": "<string>",
      "cert_id": "<string>",
      "port": 123,
      "protocol": "<string>",
      "service": "<string>",
      "first_seen": "2023-11-07T05:31:56Z",
      "last_seen": "2023-11-07T05:31:56Z",
      "updated_at": "2023-11-07T05:31:56Z",
      "state_updated_at": "2023-11-07T05:31:56Z",
      "patchable": true,
      "solution": "<string>",
      "vendor_id": "<string>",
      "vendor_severity": "<string>",
      "vendor_scan_id": "<string>",
      "device": {
        "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "last_seen": "2023-11-07T05:31:56Z",
        "first_seen": "2023-11-07T05:31:56Z",
        "source_vendors": [
          {
            "vendor": "<string>",
            "vendor_id": "<string>",
            "agent_info": {
              "agent_version": "<string>",
              "signature_version": "<string>",
              "policies": [
                {}
              ]
            }
          }
        ],
        "installed_software": [
          "<string>"
        ],
        "ad_info": {
          "org_unit": "<string>",
          "site_name": "<string>",
          "domain": "<string>",
          "device_id": "<string>"
        },
        "hostnames": [
          "<string>"
        ],
        "os_version": "<string>",
        "os_major_version": "<string>",
        "os_minor_version": "<string>",
        "fqdns": [
          "<string>"
        ],
        "ipv4s": [
          "<string>"
        ],
        "ipv6s": [
          "<string>"
        ],
        "mac_addresses": [
          "<string>"
        ],
        "cloud_metadata": {
          "cloud_provider": "aws",
          "account_id": "<string>",
          "region": "<string>",
          "availability_zone": "<string>",
          "instance_id": "<string>",
          "instance_type": "<string>",
          "image_id": "<string>",
          "kernel_id": "<string>",
          "vpc_id": "<string>",
          "subnet_id": "<string>"
        },
        "tags": [
          {
            "key": "<string>",
            "value": "<string>"
          }
        ],
        "identities": [
          {
            "username": "<string>",
            "user_sid": "<string>"
          }
        ],
        "vendor_data": {}
      },
      "resource": {
        "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "name": "<string>",
        "vendor": "<string>",
        "vendor_attributes": {
          "id": "<string>",
          "data": {
            "vendor": "qualys",
            "host_id": "<string>",
            "asset_id": "<string>",
            "tracking_method": "<string>"
          }
        },
        "tags": [
          {
            "key": "<string>",
            "value": "<string>"
          }
        ],
        "groups": [
          {
            "name": "<string>",
            "uid": "<string>"
          }
        ],
        "data": {
          "hostnames": [
            "<string>"
          ],
          "image": "<string>"
        },
        "cloud_metadata": {
          "account_id": "<string>",
          "account_name": "<string>",
          "cloud_provider": "<string>",
          "image_id": "<string>",
          "instance_id": "<string>",
          "instance_type": "<string>",
          "region": "<string>",
          "subnet_id": "<string>",
          "vpc_id": "<string>"
        },
        "url": "<string>",
        "first_seen": "2023-11-07T05:31:56Z",
        "last_seen": "2023-11-07T05:31:56Z"
      },
      "cvss_base_score": "CVSS base score",
      "severity": "none",
      "state": "open",
      "vulnerability_url": "<string>",
      "vendor_data": {}
    }
  ],
  "total": 123
}
{
"type": "<string>",
"code": "<string>",
"message": "<string>",
"detail": [
{}
]
}

Authorizations

X-CONNECTION-ID
string
header
required
X-API-KEY
string
header
required

Query Parameters

sort
string | null

Sort by field

Pattern: ^severity$|^severity\:asc$|^severity\:desc$|^updated_at$|^updated_at\:asc$|^updated_at\:desc$|^state_updated_at$|^state_updated_at\:asc$|^state_updated_at\:desc$
stateUpdatedSince
string<date-time> | null

Datetime filter, only return vulnerabilities where the state was updated since this datetime. Example format: 2021-01-01T00:00:00+00:00

firstSeenSince
string<date-time> | null

Datetime filter, only return vulnerabilities where the first seen since this datetime. Example format: 2021-01-01T00:00:00+00:00

lastSeenSince
string<date-time> | null

Datetime filter, only return vulnerabilities where the last seen since this datetime. Example format: 2021-01-01T00:00:00+00:00

deviceId
string | null

Device ID Filter, comma separated

resourceId
string | null

Resource ID Filter, comma separated

severity
string | null

Vulnerability severity filter, comma separated

state
string | null

Vulnerability state filter, comma separated

port
string | null

Port number filter, comma separated

protocol
string | null

Protocol filter, comma separated

category
string | null

Vulnerability category filter, comma separated

cve
string | null

CVE ID filter, comma separated

includeDeviceGroups
boolean
default:false

Include device groups in the devices attached to the vulnerability

deviceGroupId
string | null

Device group ID filter, comma separated

ids
string | null

Vulnerability ID filter, comma separated. Need to be valid UUIDs. Max 100 IDs

enableCursor
boolean
default:false

Enable cursor based pagination instead of default offset-based pagination

updatedSince
string<date-time> | null

Datetime filter, only return items updated since this datetime. Example format: 2021-01-01T00:00:00+00:00

limit
integer
default:100

Limit size (page size)

Required range: x >= 0
offset
integer
default:0

Offset index (starting index of page)

Required range: x >= 0
excludeTotal
boolean
default:false

Skips returning the total rows, total is set to null when true

cursor
string | null

Skip token to continue from the last item in the previous page

Response

Successful Response

count
integer
required

Number of items return in the response

items
Vulnerability · object[]
required

List of items returned in the response

total
integer | null

Total number of items that can be returned