Get CVE
Retrieves CVE vulnerability details.
Required Permissions
Requires the MEMBER role or higher.
HTTP Request
GET /api/sonar/cves/:id
cURL Example
curl -H "Authorization: Bearer <API_KEY>" \
https://HOSTNAME/api/sonar/cves/CVE-1999-0022
Request Parameters
| Key | Required | Type | Description | Note |
|---|---|---|---|---|
| id | Y | String | CVE identifier | CVE-[4-digit year]-[sequence] |
Success Response
{
"cve": {
"id": "CVE-2012-1422",
"status": "Deferred",
"description": "The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial ITSF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.",
"source": "MITRE",
"published": "2012-03-21 10:11:47+0900",
"updated": "2025-04-11 00:51:21+0900",
"cvss": [
{
"version": "2.0",
"score": 4.3,
"exploitability_score": 8.6,
"impact_score": 2.9,
"vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"severity": "MEDIUM",
"source": "NIST"
}
],
"cwes": [
{
"cwe_id": "CWE-264",
"type": "Primary",
"source": "NIST"
}
]
}
}
Error Responses
When the id does not exist
HTTP status code 400
{
"error_code": "invalid-argument",
"error_msg": "cve 'CVE-2012-9999' not found"
}