Skip to main content
GET
/
v1
/
tenant
/
vulnerabilities
List
curl --request GET \
  --url https://{region}.api.plerion.com/v1/tenant/vulnerabilities \
  --header 'Authorization: Bearer <token>'
{ "data": [ { "schemaVersion": "2022-06-09", "assetId": "prn:assets:a", "organizationId": "98ca8825-a65a-4b50-a6f0-4851c406aedc", "tenantId": "98ca8825-a65a-4b50-a6f0-4851c406aedc", "integrationId": "98ca8825-a65a-4b50-a6f0-4851c406aedc", "vulnerabilityId": "CVE-2022-22965", "provider": "AWS", "assetType": "AWS::EC2::Instance", "description": "A flaw was found in shadow-utils.", "severityLevel": "HIGH", "firstObservedAt": "2023-10-27T04:54:37.830Z", "lastObservedAt": "2023-10-27T04:54:37.830Z", "publishedDate": "2023-10-27T04:54:37.830Z", "executionId": "1678607803935", "title": "Sample Vulnerability Title", "targetName": "EcsTaskDefinition:15 > nginx:1.19.1-alpine-perl", "severitySource": "redhat", "primaryUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-22965", "packages": [ { "packageName": "sample-package", "targetName": "EcsTaskDefinition:15 > nginx:1.19.1-alpine-perl", "targetType": "sample-target-type", "targetPath": "ip-172-31-29-14.ap-southeast-2.compute.internal", "targetClass": "os-pkgs", "fixedVersion": "1.0.1", "installedVersion": "1.0.0" } ], "cwes": [ { "id": "1", "name": "CWE-123", "cweId": "CWE-123", "source": "MITRE", "sourceUrl": "https://example.com/cwe/CWE-123", "description": "This is a sample CWE description." } ], "hasKev": true, "hasExploit": false, "hasVendorFix": true, "knownExploit": { "cveID": "CVE-2022-22965", "notes": "", "dueDate": "2022-04-25", "product": "Spring Framework", "dateAdded": "2022-04-04", "vendorProject": "VMware", "requiredAction": "Apply updates per vendor instructions.", "shortDescription": "Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.", "vulnerabilityName": "Spring Framework JDK 9+ Remote Code Execution Vulnerability" }, "exploits": [ { "id": "1", "title": "Sample Exploit Title", "description": "This is a sample exploit description.", "source": "MITRE", "sourceUrl": "https://example.com/exploit/CVE-2023-12345" } ], "exemptions": [ { "exemptionId": "e26380da-946e-496e-bebe-9774dae93ed5", "exemption": { "name": "exemption-rule-001", "reason": "ACCEPTED_RISK", "createdAt": "2025-06-05T04:54:49.495Z", "updatedAt": "2025-06-05T04:54:49.495Z", "rules": [ { "exemptionType": "ASSET_VULNERABILITY", "vulnerabilityId": "CVE-2025-12345", "vulnerabilityIds": [ "CVE-2025-12345" ], "assetIds": [ "prn:assets:c00720a1-c167-4fbf-87ea-b6172949b62d:aws:ec2:instance:ap-southeast-2:i-02dd74c78250f9f1a" ], "assetGroupIds": [ "e26380da-946e-496e-bebe-9774dae93ed5" ], "assetRegions": [ "ap-southeast-2" ], "assetTags": [ { "key": "Owner", "value": "TeamOne" } ], "noVendorFix": false } ] } } ], "severityLevelValue": 4 } ], "meta": { "page": 123, "perPage": 123, "total": 123, "hasNextPage": true, "hasPreviousPage": true } }

Authorizations

Authorization
string
header
required

Bearer API Key. For example, "Bearer {Tenant API Key}"

Headers

Authorization
string
required

Bearer API Key. For example, "Bearer {Tenant API Key}"

Content-Type
string

application/json

Query Parameters

vulnerabilityIds
string

Filter vulnerabilities on vulnerability ids. Accepts a comma-separated list with a maximum length of 100

Example:

"CVE-2022-22965,CVE-2022-22966,CVE-2022-22967"

assetIds
string

Filter vulnerabilities on asset ids. Accepts a comma-separated list with a maximum length of 10

Example:
["prn:assets:a,prn:assets:b"]
providers
enum<string>

Filter vulnerabilities based on provider. Accepts a comma-separated list of providers.

Available options:
AWS,
Azure,
GCP,
Kubernetes
Example:

"AWS,GCP"

executionIds
string

Filter vulnerabilities on execution ids. Accepts a comma-separated list with a maximum length of 10

Example:

"1678607803935,1778607801234"

integrationIds
string

Filter vulnerabilities on integration ids. Accepts a comma-separated list with a maximum length of 10

Example:

"UUID1,UUID2"

assetGroupIds
string

Filter vulnerabilities on asset group ids. Accepts a comma-separated list of asset group ids.

Example:

"UUID1,UUID2"

environmentIds
string

Filter vulnerabilities on the environment. This parameter accepts any combination of environment name or environment IDs (UUIDs) in a comma-separated list.

Supported environment names:

  • production - Production environment
  • non-production - Non-production environment
Example:

"production,550e8400-e29b-41d4-a716-446655440000"

packageName
string

Filter vulnerabilities on a package name.

Example:

"lodash"

regions
string

Filter vulnerabilities on asset regions.

Example:

"us-east-1,us-west-2"

targetName
string

Filter vulnerabilities on a target name. For ECS Task Definitions this will be {TaskDefinition}:{revision} > {containerImage}

Example:

"EcsTaskDefinition:15 > nginx:1.19.1-alpine-perl"

targetType
string

Filter vulnerabilities on a target type.

Example:

"targetType"

targetClass
string

Filter vulnerabilities on a target class.

Example:

"lang-pkgs,os-pkgs"

hasKev
boolean

Filter vulnerabilities on hasKev. Accepts true or false.

Example:

true

isExempted
boolean
default:false

Filter vulnerabilities based on exemptions. Returns exempted vulnerabilities if set true. Accepts true or false.

Example:

true

isExploitable
boolean

Filter vulnerabilities based on exploitability under the Common Vulnerability Scoring System (CVSS). Accepts true or false.

Example:

true

hasExploit
boolean

Filter vulnerabilities on hasExploit. Accepts true or false.

Example:

true

hasVendorFix
boolean

Filter vulnerabilities where the affected packages have a fixed version. Is true if any affected package has a fixed version. Accepts true or false.

Example:

true

severityLevels
enum<string>

Filter vulnerabilities on severity. Accepts a comma-separated list.

Available options:
CRITICAL,
HIGH,
MEDIUM,
LOW,
INFORMATIONAL,
UNKNOWN
Example:

"CRITICAL,HIGH"

firstObservedAtStart
string<date-time>

Start of the date range for filtering vulnerabilities based on the first observed time. Specify the start of the range using a valid ISO 8601 date-time string. If firstObservedAtStart is provided and firstObservedAtEnd is omitted, results will include vulnerabilities observed from this date to the present. Supported formats include:

  • yyyy-MM-ddTHH:mm:ssZ (e.g., 2020-12-18T08:00:00Z)
  • yyyy-MM-ddTHH:mm:ss.SSSZ (e.g., 2020-12-18T08:00:00.000Z)
Example:

"2023-02-01T18:09:07Z"

firstObservedAtEnd
string<date-time>

End of the date range for filtering vulnerabilities based on the first observed time. Specify the end of the range using a valid ISO 8601 date-time string. If firstObservedAtEnd is provided and firstObservedAtStart is omitted, results will include vulnerabilities observed up to this date. Supported formats include:

  • yyyy-MM-ddTHH:mm:ssZ (e.g., 2020-12-18T08:00:00Z)
  • yyyy-MM-ddTHH:mm:ss.SSSZ (e.g., 2020-12-18T08:00:00.000Z)
Example:

"2023-02-01T18:09:07Z"

sortBy
enum<string>

Sort results by the specified field.

Available options:
hasKev,
hasExploit,
lastObservedAt,
firstObservedAt,
severityLevelValue
Example:

"hasExploit"

sortOrder
enum<string>

Sort order for the results.

Available options:
ASC,
DESC
Example:

"ASC"

page
integer
default:1

Page number for the results. Accepts a positive integer.

Required range: x >= 1
Example:

10

perPage
integer
default:100

Number of results per page. Accepts a positive integer.

Required range: x <= 2000
Example:

50

Response

Successful response with the list of vulnerabilities

data
object[]
meta
object